Waledac Exploits Valentine's Day Messages to Deliver Malware
Symantec has alerted computer users that as President Barack Obama's swearing-in ceremony concluded and Valentine's Day is drawing close (February 14, 2009), Waledac botnet creators are devising new methods of sending malware through spam love messages.
Spam emails saying "I am in love with you", "You belong to me" are used as bait. Upon opening the link embedded in the message, the person is directed to a website containing images of dozen hearts along with a message reading, "Which heart belongs to you ?"
Commenting on this issue, security analysts advised users against visiting these websites and refrain from downloading or running any of these executable files since they can affect their PCs.
Meanwhile, Symantec has equated this technique of Waledac circulation to the one employed by Storm bot in February 2008 last year through spam messages saying "With love!" In fact, security analysts in the past have also compared the malware distribution techniques of Waledac with that of the Storm bot.
As per security specialists at both MXLogic and Symantec, it appears that the old Storm operators are trying to develop their new botnets. They are using the time-tested and reliable techniques of social engineering campaigns involving popular holiday subjects.
According to investigations conducted by security analysts, the present form of Waledac is a long way from the volume to which the Storm bot had succeeded to develop to. However, they think that it has the potential to present a big threat in future.
Ultimately, Symantec advises users against clicking on all such links in messages from unidentified origins. Users are also advised to be careful while visiting sites that are providing unbelievable offers.
Related article: Waledac Trojan Suspected to be a Variant of Storm Worm
» SPAMfighter News - 09-02-2009