Harry Waldron - Corporate Security News

This new Trojan from the Storm Worm authors, registers a malicious dll as a COM object and Browser Helper Object (BHO) for Microsoft Internet Explorer. It can then inject a copy of the malicious code into blog comments automatically from an infected PC. 

Please avoid any "fun video links" you may see in a blog post as AV protection is very limited at this point.

Mespam Trojan - New Storm Worm version spreading as blog comments
http://secunia.com/virus_information/35867/spam-mespam/
http://vil.nai.com/vil/content/v_141590.htm
http://www.sophos.com/security/analyses/malcimuza.html
http://securitywatch.eweek.com/exploits_and_attacks/new_storm_worm_spreading_via_blog_posts.html

QUOTE: A Storm worm variant using both e-mail and Web sites to infect Windows-based PCs is injecting itself into the responses people are leaving on blogs.  Dmitri Alperovitch, principal research scientist at Secure Computing, told eWEEK that the worm is injecting itself into the operating system as a rootkit and is capable of intercepting Web traffic.

When a user with an infected system visits a bulletin board or posts to a blog, the worm inserts a malware into his or her comments. The line asks readers to look at a fun video and contains a link leading to a Web site where the malware is waiting to reinfect more users.

The worm is taking over PCs, Secure Computing reports, giving the criminal control for multiple purposes: sending spam, launching DDoS attacks and running keyloggers.

Also notable in this worm is that it's using server polymorphism—i.e., it contains self-modifying code that changes automatically every time it is downloaded. This worm form has been around "for ages," Alperovitch said, such as in the Bagle worm. Morphing worms are designed to avoid antivirus signature detection, and so far, Alperovitch said, it's working, as few major antivirus vendors have detected it.

To avoid infection, the advice is to refrain from clicking on the "fun video" link.