Although Christmas should be a moment of joy and peace, the already popular Storm botnet is still out there, ready to hook credulous Internet users. The hackers behind the Storm botnet seemed to have waited until the last minute, but starting with Monday they eventually began delivering unwanted Christmas gifts.

One day before Christmas, Storm-infected computers started sending out X-mas-themed spam emails in another attempt to trick naïve people into downloading malicious software. Hackers created a special web site with this occasion, named Merrychristmasdude.com. The malicious code Merrychristmasdude.com hided within was a version of the Storm Trojan horse virus that has been plaguing systems from all around the world for almost a year now.

The spam emails hackers sent for Christmas contained titles such as Mrs. Claus Is Out Tonight! or Warm Up this Christmas. They all invited users to visit Merrychristmasdude.com, where they were offered a free download that was in fact a malicious program, which F-Secure called Email-Worm.Win32.Zhelatin.pd. This program connects the infected computer to P-to-P network and starts downloading even more malware.

According to security researchers, the Storm botnet has infected more than 15 million computers over the past few months.