Falling In Love with You…

Image (1) withlove.png for post 21607

The holiday season is over and Valentine’s Day is one month away, but the cybercriminals aren’t willing to wait that long. This morning we saw a new variant of Dorf malware (also known as Storm) spammed out using the “Love” theme. Here are some sample subjects lines:

Falling In Love with You
Special Romance
You're In My Thoughts
Sent with Love
Our Love Will Last
Our Love is Strong
Your Love Has Opened
You're the One
A Toast My Love
Heavenly Love

The body of the message directs to an IP-address based website (hosted on the Storm botnet), which looks like this:


The web page has some JavaScript code that attempts to hide the link to malware binary from automated crawlers.

The good news is that our email gateway products blocked 100% of the spam proactively. And the anti-virus protection was updated soon after we received the first samples.

The following chart illustrates just how widespread is the campaign. It’s now making up to 8% of overall email traffic and is growing.


Note: All times in the above graphic are PST.