Storm Worm

What is Storm Worm

Storm Worm preys on people' s emotions using catchy subject lines...

Storm Worm is a spyware/Trojan hijacker that infiltrates the victim's pc via email attachments or links to infected website downloads. Storm Worm preys on people's emotions using catchy subject lines to entice the user to open the infected email and attachment or follow the infected link. Storm Worm has proved to be quite good at deceiving people into infecting their computers as there are over 1 million computers turned into "Zombie mode" and controlled by the Storm worm.

What to expect if the computer is infected with Storm Worm:

Most often the Storm worm will go undetected by the user, as the storm worm uses rootkit technology to hide from being detected. However, there are some signs that may alert the user that they are indeed infected:

  • Installs other malware programs that may be detected
  • High bandwidth use; thus, it may slow down the internet
  • Opens ports on the firewall to gain remote access of the computer
  • Sends email out from the users machine, so your isp may notify you of increased activity as well.
  • Your bank or credit card institution may alert you of weird transactions on your account as the Storm Worm

Storm Worm may also steal personal information that may be used to steal your identity or steal directly from your accounts.

Common Email Subject lines

These emails contained links that lead to a fake NFL website that appeared real; however, when the user then downloaded what they thought was a game tracker, they unwittingly infected their own computers.

  • Free online game trackers
  • Warning!
  • Spyware Alert!
  • Trojan Alert!
  • Virus Alert!

These emails contained zipped, password protected attachments that claimed that the user must unzip and run these files to disinfect their computers. However, again this cunning Storm worm had deceived the users into infecting their own computers.

  • Spyware Detected!
  • Trojan Detected!
  • Virus Activity Detected!
  • Virus Detected!

Common Aliases used by Storm Worm

A few of the common aliases for the Storm Worm are:

  • Trojan.Peacomm [Symantec]
  • Win32.Small.DAM [F-Secure]
  • Win32.Small.* [F-Secure]
  • Troj/Dorf-Fam [Sophos]
  • TROJ_SMALL.EDW [Trend]
  • W32/Zhelatin.gen!eml [McAfee]
  • Email-Worm.Win32.Zhelatin [Kaspersky]

How to Remove Storm Worm

Storm Worm is not an easy spyware/Trojan application to remove. It digs into the registry, modifies system files and uses rootkit technology to hide from the majority of removal programs. Unless you're an expert, please DO NOT attempt to fix this on your own, your run the risk of severely damaging your computer. Instead, the best option is call the experts at support.com, who are experienced and ready to help you 24/7 with the removal of Storm Worm from your computer.

How to Protect against future Storm Worm infections

  • Storm Worm has infected over 1 million computers using social engineering tricks to deceive people into infecting their own computers. Thus, you must be aware and prepared. Websites like www.hoaxbusters.ciac.org, www.snopes.com and the like are a good place to research an email you get before following any links or opening any attachments on your computer. If the email is legit then one of the above sites should have some information on the email and a statement about the email being valid. If the email is listed as dangerous or invalid, delete the email immediately, do not open it or follow any links contained in the email. Protect yourself and others that would be harmed if your computer became infected and controlled by the Storm Worm.
  • Install a trusted antivirus and firewall.
  • Install a trusted antispyware application.
  • Use an online identity theft protection application like Sana Safeconnect. Sana Safeconnect costs about $29.00 per computer per year, and is well worth the investment.