ESET Threat Blog
Pierre-Marc Bureau

Waledac is Back!

by Pierre-Marc Bureau Senior Malware Researcher
July 5, 2009 at 7:07 am

The Waledac botnet has been activated and it is now sending spam promoting videos of Independence Day, even if we are only July 3rd. They are using multiple web pages with titles like “Fourth of July Fireworks Shows”. Users wishing to view the video are asked to click an image that returns an executable and to then click “Run”. This of course won’t display any video but will infect the victim with the latest variant of Waledac. ESET detects this latest variant as Win32/Waledac.JT.

 

Waledac Fake Video

Thanks to Joan Calvet for his help on this research.

 

Pierre-Marc Bureau

Senior Researcher

.

This entry was posted on Friday, July 3rd, 2009 at 9:21 am and is filed under General. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.

Leave a Reply

Share |
Subscribe by Email
To receive new posts automatically through email, enter your email address:

Delivered by FeedBurner

Blog Search
Categories
Authors
Tags
Adobe autorun Botnet Conficker Cybercrime Facebook google Malware Microsoft patch Phishing privacy SC Magazine Security Social Engineering Spam Stuxnet The Register Twitter Virus Bulletin
Archives

Switch to our mobile site