Happy Valentine's Day! You've got a computer virus!
IT managers around the world braced themselves Thursday for an expected onslaught of romantic "e-cards" surreptitiously carrying the nastiest virus around: the Storm Worm.
"Once the user clicks on the [e-mail] link, malware is downloaded to the Internet-connected device and causes it to become infected and part of the Storm Worm botnet," warns a public alert posted on the FBI's Web site Monday.
"The Storm Worm virus has capitalized on various holidays in the last year by sending millions of e-mails advertising an e-card link within the text of the spam e-mail," says the FBI. "Valentine's Day has been identified as the next target."
Haven't heard of the Storm Worm? That's because it hasn't "struck" yet, even though researchers first noticed it more than a year ago after it cropped up in e-mails showing photos of damage from European windstorms in January 2007.
Since then, it's steadily infected an estimated 10 million Windows-based PCs around the world, all under the command of unknown "bot herders" who've silently fashioned them into a "zombie army" or "botnet" — a massive network of "enslaved" PCs awaiting the signal to launch a cyberattack.
Problem is, that attack hasn't yet come, and no one besides its creators really knows what the Storm Worm botnet is meant for.
It could be a Russian military project against the West, but many experts figure it's actually a criminal enterprise being rented out piecemeal to e-mail spammers.
What is known for sure is that the Storm Worm and its botnet are extraordinarily resilient and adaptive.
The worm itself constatly mutates to avoid detection by security software, and the botnet has mounted minor defensive attacks upon security companies that have tried to dislodge it.
As the FBI puts it, "[b]e wary of any e-mail received from an unknown sender. Do not open any unsolicited e-mail and do not click on any links provided."