Security specialists Sophos has released a warning regarding the inevitable malware posing as a message of love on this, Valentine’s Day. The Dref-AB worm is said by Sophos to be spreading fast across the Internet, helped by a clever distribution campaign which saw it emailed to inboxes late last night so that unsuspecting office workers and home users alike would find it waiting for them first thing this morning. Needless to say, the con worked and since midnight GMT the Dref-AB worm has accounted for an astonishing 76.4 percent of all malware coming through the Sophos global network of virus monitoring stations.

Although the subject lines being used in the attack email are varied, as usual, the romantic theme remains throughout. Some examples that Sophos has seen include:

  • A Valentine Love Song
  • Be My Valentine
  • Fly Away Valentine
  • For My Valentine
  • Happy Valentine's Day
  • My Lucky Valentine
  • My Valentine
  • My Valentine Heart
  • My Valentine Sunshine
  • Send Love On Valentines
  • The Valentine Love Bug
  • The Valentines Angel
  • Valentine's Love
  • Valentine's Night
  • Valentine Letter
  • Valentine Love Song
  • Valentine Sweetie
  • Valentines Day Dance
  • Valentines Day is here again
  • Your Love on Valentine's

Look out for files called flash postcard.exe, greeting postcard.exe, greeting card.exe, or postcard.exe which are attached to the email and carry the worm payload itself. Again, exactly the kind of files the unsuspecting romantic fool would be expecting to get on today of all days. Sophos believes that the worm code is designed to download further malicious code from the Internet in an attempt to take over the PC, convert it into part of a zombie network, and use it to send spam on behalf of hacking gangs.

"This new Valentine attack is spreading hard and fast across the net, accounting for over three quarters of all the malware we've seen at email gateways around the globe since February 14 began," said Graham Cluley, senior technology consultant at Sophos. "People will be truly love sick if they let the virus run on their PC."

As Editorial Director and Managing Analyst with IT Security Thing I am putting more than two decades of consulting experience into providing opinionated insight regarding the security threat landscape for IT security professionals. As an Editorial Fellow with Dennis Publishing, I bring more than two decades of writing experience across the technology industry into publications such as Alphr, IT Pro and (in good old fashioned print) PC Pro. I also write for SC Magazine UK and Infosecurity, as well as The Times and Sunday Times newspapers. Along the way I have been honoured with a Technology Journalist of the Year award, and three Information Security Journalist of the Year awards. Most humbling, though, was the Enigma Award for 'lifetime contribution to IT security journalism' bestowed on me in 2011.

11 Years
Discussion Span
Last Post by JJarvis
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.