Application security, Incident Response, Malware, Phishing, TDR

Waledac worm sends no love to Valentine’s Day spam victims

Cybercriminals behind the Waledac botnet are trying to capture more victims by using Valentine's Day-themed exploits, researchers from McAfee Avert Labs warned Monday.

Users are being spammed emails containing a link that when followed brings up a Valentines' Day-themed page with malicious executables. 

For example, one such page has a picture of two puppies holding a heart that says “Happy Valentine's Day.” The website reminds users that Valentine's Day is nearing and they should get their significant others a present. 

The site offers a “Valentine's Devkit” download to get started," but it actually is malware.

Micha Pekrul, author of an Avert Labs blog post on the attack, warned users not to click on the link in the spammed email, and also not to click on the executable contained on the website.

“This is a social-engineering trick to convince users to download the real threat," he wrote. "Don't click the link to the executable. Otherwise you will end up with malware."

This is not the first time cybercriminals behind the Waledac worm have used Valentines' Day as a means of tricking users.

In early January, PandaLabs researchers warned of a similar exploit. In that instance, spam arrived with the subject line: “love before Saint Valentine's day." If the user followed the link in the spam, they were taken to a page with a picture of 12 different hearts, above which read, “Guess, which one is for you.” If victims clicked, they downloaded the Waledac worm.

PandaLabs researchers said last month that once users are infected, their machines become part of a botnet that is used to send out other spam, and that worm spreads by sending the messages to all contacts in the victim's address book.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.