Malware

Storm worm storms Yahoo's Web page hosting site, Geocities

The Storm worm has got to Geocities, Yahoo's Web page hosting service, embedding malicious JavaScript code.

The Storm worm has got to Geocities, Yahoo's Web page hosting service, embedding malicious JavaScript code.

An excerpt from PC World | Computer World:

The GeoCities sites are infected with malicious JavaScript code that redirects the user's browser to secondary URLs hosted in Turkey, Ferguson said. The Turkish URLs, meanwhile, try to persuade the user to download a new codec that's supposedly necessary to view images on the GeoCities sites. According to Trend Micro's analysis, the bogus codec -- which claims to be for the 360-degree IPIX format -- is actually an identity- and information-stealing piece of malware.

Security researchers observing the botnets reported that the bots were loaded with a new template to spam links to sites on Geocities.

The latest trend at the Storm worm front is it masquerading as a codec download. This method has led several users to click on download links for the codecs, installing Trojans on their systems.

More information:

Storm worm spams its bots with pop-up (Secure Computing)

Editor's Picks