The storm Germany calls Kyrill took the lives of at least 44 people across Europe, resulting in more than one billion euros damage in Germany alone. While that storm raged, another storm hit the cyber waves in the form of an email worm. As F-Secure reported, The Storm-Worm that F-Secure refers to as Small-DAM is a variant of Small:
Small.DAM, a variant of Small, is a Trojan that arrives on the system as attachment file to spam emails. Small.DAM loads a malicious service named “wincom32” in the affected machine.
Following are some of the possible subject headings reported by F-Secure, followed by sample attachment names:
As reported by Sophos:
“The distribution has been so widespread that since midnight GMT the Trojan has accounted for over two thirds of all malware reports seen at Sophos’s global network of monitoring stations, accounting for an infection rate of 1 in 200 of all emails being sent across the net.”
Europe could not avoid the devastating storm but you can avoid infection. If your email spam filters don’t pick it up, you can avoid infection by blocking executables in your email client. If you use webmail, do not click the attachment.
More at F-Secure.