• On The Insider: Miley Cyrus in Sex and the City 2
July 2, 2009 10:49 AM PDT

Waledac worm targeting July 4 spam offensive

by Elinor Mills
  • Font size
  • Print
  • 10 comments

The Waledac worm is gearing up for a spam campaign related to the July 4 holiday, a security researcher warned on Thursday.

Researchers analyzing the code of the worm, which has been deploying updates to previously compromised PCs, have discovered that at least 18 domain names have been registered related to fireworks and Independence Day that will be used to trick people into visiting a malicious Web site, said Pierre-Marc Bureau, a senior researcher at antivirus vendor ESET.

Starting any time now and lasting through the weekend, the spam e-mails will arrive in in-boxes with a message urging the recipient to watch a July 4 video. The e-mails are expected to include a link to a site with an executable that, instead of playing a video when double-clicked, will download malware that turns the visiting PC into another bot on the botnet, Bureau said.

The operators of Waledac are using holidays and other current events to lure new victims in order expand their botnet, and it's likely they are leasing out the botnet services to others, he said. Earlier this year, Waledac exploited Valentine's Day, spamming people with fake romantic greetings.

It is estimated that there are tens of thousands of computers infected with Waledac and that more than 20,000 will be used in the July 4 spam campaign, according to Bureau.

More information is on the ESET blog.

Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service, and the Associated Press. E-mail Elinor.
Topics:

Vulnerabilities & attacks

Tags:

Waledac,

worm,

July 4

Share:
Digg
Del.icio.us
Reddit
Recent posts from Security
Microsoft, Adobe prep critical security patches
'Kill Obama' Facebook group active for a month
Cybersitter suit accuses China, PC makers of software piracy
Using your smartphone safely (FAQ)
'Kama Sutra' most pirated e-book of 2009
Kingston flash drives suffer password flaw
Q&A: Researcher Karsten Nohl on mobile eavesdropping
RockYou sued over data breach
Related
Using Facebook and Twitter safely
Using your smartphone safely (FAQ)
More attacks expected on Facebook, Twitter in 2010
Scammers exploit Google Doodle to spread malware
Facebook sues men for allegedly phishing, spamming
TV-shopping season kicks off on CNET
Crave giveaway of the day: official rules (2)
Buzz Out Loud Podcast 1120: Make a lot of nickels, Microsoft
Add a Comment (Log in or register) (10 Comments)
  • prev
  • 1
  • next
by filipiak July 2, 2009 11:57 AM PDT
If this attack only affects Windows-based systems, why is a Macintosh used in the graphic?
Reply to this comment
by nickh2 July 2, 2009 12:51 PM PDT
"There are Mac botnets too troll."

There was ONE to date. In a manipulated, pirated copy of iWork. Folks who steal software get what they deserve.
And if correcting your endless stream of anti-Mac FUD makes me a troll, I'm fine with that.
by Vegaman_Dan July 2, 2009 12:54 PM PDT
@nickh2:

"There was ONE to date. "

There's several now, to be honest. Got to keep up to date on these things when your job is supporting Linux, Windows, and Mac OS X systems. And yes, nearly all these come from illegal sites or pirated software. It doesn't matter what OS you use when you go out on the internet without protection or common sense.
by NotForNuthin July 2, 2009 2:09 PM PDT
Because they are MUCH better looking...
by baconstang July 2, 2009 12:09 PM PDT
How do I protect my iMac from this attack? Oh, nevermind.....
Reply to this comment
by monkeyfun14 July 2, 2009 12:14 PM PDT
There are Mac botnets too troll.

Only been 30 minutes and the trolls are out in force.
by tm_anon July 5, 2009 9:01 PM PDT
@monkeyfun14

This is about Waledac, in case u didn't actually read the article. Waledac is a Windows based worm. It only effects Windows.

His comment, while seemingly inappropriate, actually made sense. His iMac can't be effected by this attack.
by lvcsslacker July 2, 2009 12:14 PM PDT
Common sense could have prevented this...
Reply to this comment
by baconstang July 2, 2009 12:26 PM PDT
The article wasn't clear about windows only at first glance. I guess there are Mac botnets... at least that's what dark side keeps telling us.
Reply to this comment
by tm_anon July 5, 2009 9:03 PM PDT
It's about Waledac. Waledac is Windows only and was mentioned in the article title as well as the body of the article.
(10 Comments)
  • prev
  • 1
  • next
advertisement

Google's mobile hopes go beyond Nexus One

The world may have thrilled to the potential for a Google Phone, but what Google actually unveiled is its plan for a new smartphone world order.
• Photos: Unboxing Nexus One

Using your smartphone safely

faq Worms, Trojans, and SMS attacks are risks for mobile phones, but the biggest practical threat to users is losing the device.

About Security

Online security is threatened by more than hacking and phishing attempts. Check here for the latest updates on software vulnerabilities, data leaks, and rapidly spreading viruses--and learn how to protect your systems.

Add this feed to your online news reader

Security topics

advertisement
advertisement

Inside CNET News

Scroll Left Scroll Right
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
CES 2010
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET