New Waledac spam falsely warns of bomb blasts

By

Security companies warned today of a new malware campaign in which the Waledac botnet creators are distributing emails that falsely claim the recipient's city has been the site of a bomb blast.

Security companies warned today of a new malware campaign in which the Waledac botnet creators are distributing emails that falsely claim the recipient's city has been the site of a bomb blast.

The emails contain a link that leads to a malicious site, complete with the logo for news agency Reuters. The headline across the mock page, customised for each viewer thanks to geolocation technology that enables the site to map incoming IP addresses, warns of a "powerful explosion" in the victim's city, Dan Hubbard, CTO of security firm Websense, told SCMagazineUS.com.

Below that is a brief news story and a video player, said Hubbard, who added that Websense has received tens of thousands of attack samples since Sunday. The goal is to dupe users into clicking on a link to view the video, which installs the increasingly prevalent Waledac trojan. The malware opens a backdoor on the compromised machine and then sits quietly, awaiting additional commands from its command-and-control server, he said.

Though the emails do contain some spelling and grammatical errors, the social engineering aspects may be slick enough to dupe many victims, Hubbard said.

"As soon as you add in legitimate brands, people tend to think, 'Wow, this is really real,'" he said.

Trend Micro researcher Rik Ferguson said on the anti-virus firm's blog that the latest campaign is proof that cybercrooks are having no problem making up for the amount of spam that may have dropped off when web hosting provider McColo was shut down.

As of early this morning AEST, eight of 39 major anti-virus providers detected the new Waledac variant, according to a file-analyser VirusTotal test commissioned by Hubbard and his team.

The most recent Waledac attacks leveraged US president Barack Obama's inauguration, the economic crisis and Valentine's Day to infect users. Hubbard said researchers had been expecting a St. Patrick's Day-themed attack until they began seeing the fake bomb spam.

See original article on scmagazineus.com

New Waledac spam falsely warns of bomb blasts
Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
blastsbombmalwaresecurityspamwaledacworm

Sponsored Whitepapers

See everything. Do more.
See everything. Do more.
Reclaim Control with Cloud Repatriation: Know the Signs
Reclaim Control with Cloud Repatriation: Know the Signs
FlexPod: Powering the Future of Private Cloud
FlexPod: Powering the Future of Private Cloud
Transform with Confidence: Insights from Datacom’s 2024 Cloud Report
Transform with Confidence: Insights from Datacom’s 2024 Cloud Report
Unlocking Growth in the Cloud: Key Insights from Datacom’s 2024 Cloud Report
Unlocking Growth in the Cloud: Key Insights from Datacom’s 2024 Cloud Report

Events

Most Read Articles

Rogue communication devices found in Chinese solar power inverters

Rogue communication devices found in Chinese solar power inverters
Circles.Life fined over identity checking failures during mobile porting

Circles.Life fined over identity checking failures during mobile porting
Vic gov to spend $100m on cyber security

Vic gov to spend $100m on cyber security
EU, US authorities take down malware network

EU, US authorities take down malware network
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?