We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,258 News Articles

July 4 celebrations hijacked by Waledac botnet

Spam/botnet effort on spoofed YouTube sites

The Waledac spam/botnet may be dwindling, but that didn't stop its disseminators utilising this weekend's 4th of July celebrations to spread malicious executables, according to Symantec.

Using attention-attracting spam mail, the group enticed users to visit malicious Waledac websites, then download and install the bot. One method of achieving this was to set up spoofed 'YouTube' sites, using these of similar words:

"Colorful Independence Day events took place throughout the country. This year July 4th firework's shows were surprisingly amazing. The largest firework happend this Saturday. Unprecedented sum of money was spent on this fabulous show even despite crisis.

"The American Pyrotechnics Association has named South Shore's Fourth of July fireworks show as the best pyrotechnic displays in the nation. If you want to see this fantastic show just click on the video below and press "Run"."

Click the pretend video frame, however, and instead of watching a clip you'll run one or several malicious Waledac executables with names such as "video.exe", "movie.exe", "run.exe" and "setup.exe". According to PC Tools, which reported the attack, the bot continues to maintain a list of peer nodes for its P2P over HTTP technology in clean XML formatted data.

The malicious sites were registered through China Springboard.

PC security news and advice


IDG UK Sites

Samsung Galaxy Note 4 review: Great if you like big, expensive phones

IDG UK Sites

Why Sony's PS4 2.0 update is every gamer's dream (well, mine at least)

IDG UK Sites

This Grolsch ad combines stop-motion & CG for majestic results

IDG UK Sites

Apple rumours and predictions for 2015: What to expect from Apple in 2015