Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in your inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
Go

New Waledac Spam Spread Rumors of Bomb Explosion

According to a warning from various security companies, online criminals are attempting to cheat users into downloading malicious codes by enticing them to an Internet site that falsely informs users of 'breaking news' about a bomb blast.

Reportedly, the criminals are distributing their malware by using e-mails that say a bomb blast has killed many people. The e-mails also display the subject line, "Why did it happen in your city?" Take Care!"

Subsequently, it narrates a false tale that 12 people have died and over 40 injured on account of the bomb explosion near an Amsterdam market.

In addition, the e-mail provides a web link that leads the user to an apparent 'Reuters' news item about the blast, with an accompanying video that asks to download a special CODEC necessary to watch the video. But on downloading it, a Waledac infection is triggered. The worm creates a backdoor component on the hijacked system and then waits to get instructions from a remote command-and-control server.

Security specialists have said that the bogus website uses geo-location technology to make the news story appear as if the blast occurred in a location or city near the surfer.

The bogus page also offers Google and Wikipedia search links in the form of "Related Links" at the page's end so that the page appears genuine. However, the text in the e-mails contains some grammatical and spelling errors that suggest the fakeness of the e-mails.

Commenting on the method of attack, Rik Ferguson, Researcher at Trend Micro, stated that the new campaign was an evidence that cyber criminals were not facing any problem in distributing their spam that potentially declined when web hosting firm McColo shut down, as reported by SCMagazine on March 16, 2009.

Meanwhile, it is reported that on March 16, 2009, out of 39 prominent antivirus vendors, 8 detected the Waledac Trojan, as per VirusTotal a file-analyzer.

According to the security specialists, the Waledac botnet's recent attacks had been using the financial crisis, the inauguration and Valentine's Day to infect computer users.

Related article: New Zealand Releases Code To Reduce Spam

» SPAMfighter News - 20-03-2009

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next