New Storm Worm inserts links in user messages

A new variant of the Storm Worm has been detected, which inserts unsolicited links into blogs and forums which can infect other users if clicked on.

The original Storm Worm was rand was mass emailed to hundreds of thousands of people in January this year. It was embedded in an attachment claiming to provide dramatic information on storms that had recently ravaged Europe.

Those who opened the attachment risked infecting their computers with a worm that turned the users PC into a bot network.

The new Storm Worm variant can infect a user’s PC if they open an infected attachment, click on a malicious link, or visit an infected website.

However, the new variant does something dramatically different according to Secure Computing.

The twist is that when an infected PC is used to post messages to blogs and forums, the worm automatically inserts links into the messages which if clicked can infect other users.

It’s worth pointing out that this are not intended to be links for SEO purposes - ie, to help with rankings on search engines - but instead as a vector for infecting other users.

However, it’s worth considering how long it is before virus writers turn their attention to infecting users PC’s in order to embed links - either directly into webpages, or else to skew clickstream data.