Spammers Using Waledac Botnet to Spread Infection in Computers

Researchers at the security firm Symantec report that a new version of the notorious Waledac botnet 'W32.Waledac' is distributing spam mails and using American Independence Day (4th July) as the message's subject.

The e-mails lure recipients to log-on the malicious Waledac websites and then encouraged them to download malware. One way to achieve this is through the creation of fake YouTube websites. Interestingly, the YouTube web page contains certain written material that is grammatically erroneous.

The page states that users can find a 'fireworks' video link given to celebrate the 2009 Independence Day. But when users click on it, they actually download a W32.Waledac executable file that bears various names like 'movie.exe,' 'video.exe,' 'setup.exe' and 'run.exe.'

Furthermore, the malicious spam messages arrive with subject lines such as "Happy Fourth of July," "Fourth of July Fireworks Shows," "Sparkling Celebration of Independence Day," "Amazing Independence Day Show" and "The best firework you've ever seen" and several others.

Additionally, the e-mails also divert users to other websites such as holifireworks.com, 4thfirework.com, holidayfirework.com and video4thjuly.com.

According to another security vendor PC Tools, the botnet keeps on maintaining peer nodes over HTTP technology in XML data for its P2P.

Commenting on the point, the security researchers stated that even as the Waledac spam dwindles, miscreants continue to use 4th of July celebrations for disseminating malicious executables. Actually, the presence of Waledac began to appear in smaller quantities.

Nonetheless, the recent trend suggests that spammers don't miss opportunities like festivals or other special occasions to exploit Internet users with their malevolent acts. As a matter of fact, they hold back till such occasions arise when they devise different spamming techniques. The Independence Day celebration is similarly one such occasion for which spammers have been waiting. It is worth mentioning that predictions were already made that spammers would exploit this occasion.

Back in 2007, security analysts at TRACE (Marshal Threat Research and Content Engineering) reported that spam mailers utilized the '4th of July' to send e-greeting spam that infected recipients' computers with trojans when they followed a given link.

Related article: Spammers Continue their Campaigns Successfully

» SPAMfighter News - 21-07-2009

All SPAMfighter products offer a free trial!

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail, Windows Live Mail and Thunderbird.

Optimize your Slow PC for better performance. Try FREE scan now

Disk space recovery
and disk optimization. Try FULL-DISKfighter free

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial.

Remove Spyware with SPYWAREfighter - Free 30 days trial

Antivirus software for your Windows PC - Free 30 days trial