Security Labs

Alerts

BOOKMARK THIS ALERT
  digg   |     del.icio.us   |     reddit
  newsvine   |     furl   |     technorati

Waledac Independence Day Theme - New Campaign In The Wild

Date:07.03.2009

Threat Type: Malicious Web Site / Malicious Code

Websense Security Labs™ ThreatSeeker™ Network has detected yet another new Waledac campaign theme in the wild. The new variant uses an Independence Day theme as a social engineering mechanism. The United States of America celebrates Independence Day on July 4 each year.

The malicious emails that are sent use subjects and content related to Independence Day, Fourth of July and fireworks shows.

The malicious Web sites in the current attack also have a July 4 or fireworks theme within the domain name. ThreatSeeker has been monitoring the registration of these domains. Should the user click on the video, which is designed to appear to be a YouTube video, an .exe is offered. When downloaded the .exe would install the latest Waledac variant onto the user's machine.

Screenshot of the malicious Web site:

Websense® Messaging and Websense Web Security customers are protected against this attack.