As Valentines Day approaches, we see the Storm team have made yet another change in an effort to further populate their army of bots. A subsection of their herd that have been hosting the Valentines-related content now presents the visitor with one of eight randomly themed images and bestows upon them the gift of "valentine.exe," detected as Trojan.Peacomm.D.

The page serves up a random image file per visit (or refresh of the page), probably via some server-side scripting. A five second delay using a meta-refresh tag provides enough time to enjoy the image before being prompted to save the executable on the local system. A recent perusal of our spam trap continues to catch a large number of emails with a Valentines Day theme containing a hyperlink to one of many malicious IP addresses under the control of Storm.

Surely after such a long and malicious campaign by the Storm crew, widely-publicized on the Web, no one would still fall for these kinds of threats? Recent history disagrees. Holiday theme-based threats have enjoyed great success, dating back to at least 2000 and every year attackers are successful in compromising machines via constructed email messages. While the messages change from year to year, the mitigation strategy remains the same, which includes keeping your anti-virus signatures up-to-day and treating all emails that arrive in your inbox carefully.