The Happy New Year worm that hit headlines towards the end of last year has been unmasked as nothing more than a high-profile stock manipulation scam.
Panda Software reports the Nuwar.B worm variant is continuing its email spread at low levels using the same “Happy New Year” greeting and postcard.exe attachment that arrived with the first wave of infection of the worm some days ago, although its high point has now probably passed.
But the worm’s intentions have since become clearer. According to the company, the worm was designed simply to manipulate stocks by convincing recipients to buy shares in unnamed companies.
Anyone running the attached executable would find their PCs infected with the Spammer.EN Trojan. This malware then sets out to harvest any email addresses it finds on the system to send out stock manipulation emails. Infection appears to pose no direct risk to a user’s PC.
"In this case we see how an email worm is being used to make money," said Mikel Perez, of Panda Software’s Malware Detection Department.
"Most likely this is a criminal that has bought stocks at a low price, and has endeavoured to increase their price and obtain large benefits by spreading Nuwar.B."