We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
78,647 News Articles

July 4 celebrations hijacked by Waledac botnet

Spam/botnet effort on spoofed YouTube sites

The Waledac spam/botnet may be dwindling, but that didn't stop its disseminators utilising this weekend's 4th of July celebrations to spread malicious executables, according to Symantec.

Using attention-attracting spam mail, the group enticed users to visit malicious Waledac websites, then download and install the bot. One method of achieving this was to set up spoofed 'YouTube' sites, using these of similar words:

"Colorful Independence Day events took place throughout the country. This year July 4th firework's shows were surprisingly amazing. The largest firework happend this Saturday. Unprecedented sum of money was spent on this fabulous show even despite crisis.

"The American Pyrotechnics Association has named South Shore's Fourth of July fireworks show as the best pyrotechnic displays in the nation. If you want to see this fantastic show just click on the video below and press "Run"."

Click the pretend video frame, however, and instead of watching a clip you'll run one or several malicious Waledac executables with names such as "video.exe", "movie.exe", "run.exe" and "setup.exe". According to PC Tools, which reported the attack, the bot continues to maintain a list of peer nodes for its P2P over HTTP technology in clean XML formatted data.

The malicious sites were registered through China Springboard.

PC security news and advice


IDG UK Sites

Nokia Lumia 930 review: The flagship Windows Phone 8.1 smartphone

IDG UK Sites

Live Blog: Apple financial results, record June quarter, 35.2m iPhones sold, $37.4b revenue

IDG UK Sites

Welcome to the upgrade cycle - you'll never leave

IDG UK Sites

Why smartphone screens are getting bigger