New worm with evolved tricks
Friday, December 26, 2008
Security officials and blogs issued a warning about the Waledac worm making the holiday rounds through a spam email urging users to visit a website claiming it has a Christmas card addressed to them.
The malicious link in the email, if clicked, infects machines with malware and the first signs of it were spotted last Sunday, SCMagazineus.com reports. Once in the machine, the work searches for email address and then sends spam email copies of itself to others.
Some of the elements of the Waledac worm shared some similarities with the Storm Worm, such as using a redirection site and the ability to hide its IP address. The Storm has the tendency to spread near holidays such as New Year's and Mother's Day.
However, the similarities end with the absence of "a peer-to-peer network to communicate and instead uses an open-source executable packer and crpyptography to hide its tracks," according to the article.
While the potential for the Waledac worm to spread remains low because of its late-holiday release, SMBs are urged to block the download of ecard.exe to protect against the malicious spam email.
Related News:
Michael Jackson spam email proliferates, spreads viruses - 7.2.2009
Surging popular interest in the wake of Michael Jackson's death last week has set off a bonanza of related spam email, some of which contains malicious links, viruses and scams designed to ensnare curious recipients.
New spam tactic: Spam profiles on social networks - 6.29.2009
Spammers have been creating profiles on social networking sites to attract unsuspecting users through spam friend requests and messages, according to Google researcher Jason Morrison, writing on the Google webmaster blog.
Spammers exploit Michael Jackson's death - 6.26.2009
The death of pop icon Michael Jackson on Thursday is already being exploited by cybercriminals sending spam emails with subject lines and messages related to the news, IT security firm Sophos said.
Fake Microsoft Outlook update contains virus for ID theft - 6.23.2009
Spam email purporting to be a "critical update" for Microsoft Outlook and Outlook Express contains a link to download a malicious program that can steal personal information from a user's computer, including login credentials and credit card information, Trend Micro reported Monday.
Chinese penny-stock spammers plead guilty - 6.22.2009
Five people connected to an illegal spamming campaign that sought to pump up sales of Chinese penny stocks pleaded guilty Monday to wire fraud and violating the CAN-SPAM Act.
|
