Falling In Love with You…

The holiday season is over and Valentine’s Day is one month away, but the cybercriminals aren’t willing to wait that long. This morning we saw a new variant of Dorf malware (also known as Storm) spammed out using the “Love” theme. Here are some sample subjects lines:

Falling In Love with You
Special Romance
You're In My Thoughts
Sent with Love
Our Love Will Last
Our Love is Strong
Your Love Has Opened
You're the One
A Toast My Love
Heavenly Love

The body of the message directs to an IP-address based website (hosted on the Storm botnet), which looks like this:


The web page has some JavaScript code that attempts to hide the link to malware binary from automated crawlers.

The good news is that our email gateway products blocked 100% of the spam proactively. And the anti-virus protection was updated soon after we received the first samples.

The following chart illustrates just how widespread is the campaign. It’s now making up to 8% of overall email traffic and is growing.


Note: All times in the above graphic are PST.