Author Topic: "Storm" worm spam video- bespoke exploits  (Read 2913 times)

0 Members and 1 Guest are viewing this topic.

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
"Storm" worm spam video- bespoke exploits
« on: August 27, 2007, 11:38:47 AM »
"Storm" worm spams serves up different exploits to different browsers, modifies the exploits to evade detection, and offers a malware file under various names:

F-Secure Video (On YouTube)
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33895
  • malware fighter
Re: "Storm" worm spam video- bespoke exploits
« Reply #1 on: August 27, 2007, 11:51:01 AM »
Hi FwF,

That is why I say we should block all script etc. from running inside a browser until we know a certain site to be free of malware. In FF and Flock the safest way to go is having NoScript installed, and temporarily allow a site when scandoo or another linkscanner or DrWeb's av linkscanner shown the site to be free of malware. For these embedded scripts, tags, malicious code etc. there should not be a chance of running automatically inside a browser brought in by browser developers BY DEFAULT, else we loose the fight. How to convince opposing parties this is the only way to go? (With opposing parties I mean those that benefit from monitoring, tracking, clickstream harvesting etc, and the lazy unaware browser user of the "I cannot be bothered to do anything about it, must be easy and fast" types).  What we need here basically is a change of attitude, that is really what it is all about.

Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!