Waledac SMS Spy Theme - New Campaign ITW
Threat Type: Malicious Web Site / Malicious Code
Websense Security Labs™ ThreatSeeker™ Network has detected a new Waledac variant in the wild being distributed via email since yesterday.
The new campaign uses a theme whereby the user is enticed to download an application that will permit them to view other people's SMS messages online. The download file uses alternating filenames, including sms.exe, freetrial.exe, and smstrap.exe. ThreatSeeker has identified thousands of spam emails using this theme.
Not all major antivirus vendors are currently detecting this threat according to this VirusTotal report.
Screenshot of a spammed email example:
Screenshot of the malicious SMS Spy theme Web site template:
Websense Messaging and Websense Web Security customers are protected against this attack.