We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
78,937 News Articles

July 4 celebrations hijacked by Waledac botnet

Spam/botnet effort on spoofed YouTube sites

The Waledac spam/botnet may be dwindling, but that didn't stop its disseminators utilising this weekend's 4th of July celebrations to spread malicious executables, according to Symantec.

Using attention-attracting spam mail, the group enticed users to visit malicious Waledac websites, then download and install the bot. One method of achieving this was to set up spoofed 'YouTube' sites, using these of similar words:

"Colorful Independence Day events took place throughout the country. This year July 4th firework's shows were surprisingly amazing. The largest firework happend this Saturday. Unprecedented sum of money was spent on this fabulous show even despite crisis.

"The American Pyrotechnics Association has named South Shore's Fourth of July fireworks show as the best pyrotechnic displays in the nation. If you want to see this fantastic show just click on the video below and press "Run"."

Click the pretend video frame, however, and instead of watching a clip you'll run one or several malicious Waledac executables with names such as "video.exe", "movie.exe", "run.exe" and "setup.exe". According to PC Tools, which reported the attack, the bot continues to maintain a list of peer nodes for its P2P over HTTP technology in clean XML formatted data.

The malicious sites were registered through China Springboard.

PC security news and advice


IDG UK Sites

Android One vs Android Silver vs Google Nexus: What is the difference?

IDG UK Sites

iOS 8 review: Hands on with the iOS 8 beta

IDG UK Sites

Thinking robots: The philosophy of artificial intelligence and evolving technology

IDG UK Sites

How to shoot a robot rom-com in three days