Win32/Waledac trojan, which went on a rampage during the holiday season and then during the US Presidential Inauguration, will make a comeback during Valentine’s Day in the form of infected e-cards, warns CA.
CA’s researchers have found that Waledac’s e-card scam websites have updated their content with a Valentine’s Day theme. The sites are getting ready with attractive filenames such as love.exe; onlyyou.exe; you.exe; youandme.exe; and meandyou.exe, to attack the PCs. More filenames are likely to be added before V Day.
The PC gets infected with the trojan once the user opens the e-card. The infected computer can be used as a spam bot to gather information about the host system and send the data to other addresses and servers.
During the US Inauguration Day, malware authors used fake websites that resembled Barack Obama’s official site, to spread Waledac trojan. Titles such as “Barack Obama refused to be a president” were used on the fake sites to attract vulnerable readers. The fake websites were spread through emails.
The spread of spam software during special days such as Valentine’s Day, when e-cards are exchanged on a large scale, is not new. Waledac is a threat this year while it was the Storm trojan that has ruined the computers in the last two years.
Brian Grayek, vice president of product management for CA’s Internet Security Business Unit, said: “This threat is to be expected with any card-sending type of holiday, but there often is a new twist each year on delivery.”
CA suggests PC users to be cautious while downloading executable files or reading emails from unknown sources; and update anti-virus software and internet browser.
Grayek said: “With a combination of awareness and ensuring your security software is current, individuals can be safe. Knowing about the threat early — before you find the email in your inbox or get the alert from your IT department — helps ensure individuals don’t open the email and click on links that launch the malware.”