The new attack uses email greeting cards to dupe users into downloading and launching the Trojan application.
Spam messages inform users that they have received an April Fools' greeting card. On clicking the link, the user is redirected to an all-numeric URL and a page which attempts to automatically download an executable file.
The executable contains malware which will add the user's PC to the huge Storm botnet.
The malware network uses peer-to-peer networking tactics to update the software and instruct machines within the network to perform further malicious activities.
Jose Nazario, senior security engineer at Arbor Networks, said that the attack appears to have been launched quite recently.
Nazario reported in a blog posting that the campaign "appears to have started in the past few hours, and reports indicate it was in preparation for the past 24 hours or so".
The attacks follow a familiar pattern for Storm. The operators behind the malware have been using phoney holiday greeting cards to spread the malware almost since the worm was first discovered.
Valentine's Day and New Year's Day have also been recent catalysts for Storm worm attacks.
The storm botnet has become something of a legend within the security community. Researchers have warned that its sophistication in spreading and managing infections could serve as a template for future worms.
There have also been fears that the storm botnet is being rented out to other criminal enterprises which are using its extensive network for phishing runs.
Storm worm seeks out April fools
By Shaun Nichols on Apr 2, 2008 7:42AM