Storm's new tactic to evade spam filters
I have posted a new (first! :) article on my blog to explain a new behavior that Stom has to spread its spam. Basically the spam advertises some legitimate web sites, that had been previously attacked to host a malicious web page. I believe this could, in part, be a technique to try to evade spam filters.
Here is a link to the article: