Waledac variant uses SMS Spy social engineering theme
Thursday, April 16, 2009
Cybercriminals spreading the Waledac malware through spam are trying a new social engineering trick, asking users if they want to download an attached program to allow users to read another person's SMS messages online.
A web security alert issued yesterday said the Waledac variant has been spotted in the wild in thousands of spam emails including download files with alternating filenames, such as sms.exe, freetrial.exe and smstrap.exe. Not all major anti virus detectors had detected the new themem, the security alert said.
The text from one spam email carrying the Waledac worm offers a "free 30-day trial" and reads: "Do you want to test your partner or just to read somebody's SMS? This program is exactly what you need then."
This type of spam spreads the worm with what is called social engineering, by enticing users to download malware or visit malicious sites by exploiting curiosity and interest in popular topics, breaking news or products with a popular theme like Valentine's Day, according to web security experts.
Some security researchers have said cybercriminals spreading the worm have also used geolocation to customize malicious websites to reflect the location of the visitor's computer.
Related News:
Conficker still a threat to web security - 3.18.2010
The Conficker worm was by far the most notorious piece of malware in 2009 for several reasons. Not only did it receive media attention and infect more computers than any other strain, according to Katonda, a business technology website, it reminded web security professionals of bygone days when major epidemics were the norm.
Network security update not responsible for crashes - 2.24.2010
Reports of the so-called "blue screen of death" following the installation of the latest Microsoft security update are the result of malware, not a defect in the update.
Botnets and Chuck Norris take aim at network security - 2.22.2010
Last week, word spread of the Kneber botnet compromising more than 2,000 computers worldwide. With the start of a new week comes more malware attacks plaguing the web community. The so-called "Chuck Norris" botnet is attacking routers and DSL modems by guessing commonly used passwords.
Web security company warns of scareware's risk - 2.19.2010
The rise in scareware attacks and cyber criminal behavior in general forced DynaSis, an IT services company, to issue a warning to its users about the threat of fake anti-virus software infecting their computers on Friday.
Age-old trick with brand-new target - 1.18.2010
Cyber criminals have turned to a scam from the early days of the internet to target the growing smartphone market: Trojan phone dialers.
|
