During the past two years, security experts and software vendors have downplayed the threat of so-called worm viruses, but new evidence suggests that the attacks are still as dangerous, if not more so, than ever.

While the enormous mass-mailing worm viruses of years past -- such as the well-known MyDoom, Sobig, and Slammer attacks -- that were aimed at crippling IT infrastructure have all but disappeared, smaller outbreaks that aim to load financially-motivated malware onto end users' computers -- such as the recent Storm Worm -- will continue to menace the Internet, according to researchers.

Consensus opinion among security experts has been that as businesses and consumers improved their desktop security tools and computing habits, it became harder for malware writers to lure the same volumes of people with worms. This trend pushed the attackers away from creation of the self-propagating threats and further into financially-motivated crimeware, market watchers observed.

However, the continued spread and modification of Storm Worm, which first surfaced in mid-Jan. 2007, could illustrate an emerging breed of the attacks that is likely to trouble users in years to come.

On Feb. 27, workers at security software maker Secure Computing released details of a newly-emerging variant of Storm Worm that adds a Web-based social engineering component to the attack's more traditional e-mail and IM delivery models.

According to San Jose-based Secure, the new version of Storm Worm sits on an infected computer and waits for a user to post a message to a Webmail system or online bulletin board site, and then adds a link to those communications that sends anyone who clicks on the URL to a malware-laden Web page.

Threats that sit on the Storm-generated sites include variants of the attack itself, along with a range of crimeware programs aimed to steal sensitive personal or financial information.

Viruses like Storm, which can also be classified as a Trojan rootkit, reflect the manner in which attackers will leverage the time-honored worm platform to pass along their latest work, said Dmitri Alperovitch, principal research scientist at Secure.

"We're not discounting the threat from targeted financial attacks, but those tend to take a lot of work to pull off, as the attacker must do recon on the organization or user and put a good deal of effort into each target," Alperovitch said. "The payback on those attacks is probably greater, but these types of worms like the new variants of Storm can pay for themselves pretty quickly; there's little doubt we'll see more designed in this manner."

For more enterprise computing news, visit InfoWorld. Story copyright InfoWorld Media Group, Inc.