Some clever, sexy Christmas-themed spam and a long holiday season helped the criminals behind the notorious Storm Worm more than double their network of infected PCs over the past few weeks, security experts say.
Storm kicked off its holiday spam-and-malware campaign on the day before Christmas, sending off a flurry of e-mail that invited victims to visit a Christmas-themed strip show on Web sites such as Merrychristmasdude.com. Victims who downloaded the strip show found their PCs attacked by malicious software.
This site, and about 14 other Storm-related domains, was registered using a Russian domain name registrar called Nic.ru, where staff was largely unavailable during the holidays, according to Richard Cox, the chief information officer with the Spamhaus anti-spam effort.
Storm takes holidays by storm!