Waledac Botnet Is Back with a Bang!
Palo Alto Networks has announced the revamp of the Waledac spam botnet, which now has a new capability for stealing passwords and is turning out to be more treacherous than the older one that Microsoft took down last year, as per news published in eWEEK.COM on February 15, 2012.
Microsoft took control of Waledac earlier, two years back, when the company cut off the link between the botnet's command-and-control servers and the numerous zombie computers they controlled. Microsoft took over the domains that were used to run the botnet, with due permission from the court.
According to Wade Williamson, a Senior Security Analyst at Palo Alto Networks, computers compromised by the new variant of Waledac are still sending out spam, but with enhanced capabilities for stealing passwords and authentication information, as per news published in eWEEK.COM on February 15, 2012.
During its tenure, the Waledac variant sent 1.5 billion spam messages per day, comprising online pharmacy, phony product, job, and penny stock spam scams. Now that the Waledac variant is back once again, the brains behind it remain hidden and have not made their presence known, stated Williamson.
Owing to the sophistication of the renewed Waledac variant, its dangerous implications are beyond imagination. Recent incidents of password theft hint at serious breaches and compromises caused by this botnet.
Prior to blocking the botnet's malware, Palo Alto checked it on 30 or 40 customer firewalls in Europe. The scope of this botnet remains unknown as yet, though it at least seems to be smaller, more targeted and more threatening than a spamming botnet. Although infections are still ongoing through Web browsers, the exact delivery method is still under investigation. However, whereas a spamming botnet develops and spreads at enormous speed within a short span, this botnet seems to be longer-lived, claimed Wade, reports Ars Technica on February 15, 2012.
Nevertheless, Williamson is apprehensive about the perpetrators' mission: whether they are satisfied and will resume operations, or whether they have already sold the code to newcomers to yield a higher profit.
» SPAMfighter News - 20-02-2012