Apr15
9:53 pm (UTC-7)   |   by Jonell Baltazar (Advanced Threats Researcher)

Deviating from Conficker/Downad update and jigsaw puzzle menace, Waledac updated its spam emails and is now spamming online casino advertisements.


Click for larger view Click for larger view
Click for larger view

The spammed email contains a URL link to a Yahoo! Geocities web page which is shown in Figure 4, and when the link “Play now” is clicked, it shows a casino related image ad as shown in Figure 5.


Click for larger view Click for larger view

There is no activity seen where Waledac is seeding URLs that links to a new Waledac binary for this specific spam run, but our radars are actively monitoring for this event. The following spam emails however, are now blocked by the Smart Protection Network.

If you're new here, you may want to subscribe to our RSS feed. Thanks for visiting!



This entry was posted on Wednesday, April 15th, 2009 at 9:53 pm and is filed under Security . Both comments and pings are currently closed.



5 Responses to “Online Casino, Geocities, and Waledac”

Trackbacks

  1. cybasurfa (cybasurfa)
  2. Casinofun (QueenofHearts)
  3. UnderForge of Lack » Blog Archive » Waledac no lose motivation spam`ing
  4. Waledac botnet spamming fake SMS spying tool | Zero Day | ZDNet.com
  5. Topics about Top-trends » Online Casino, Geocities, and Waledac



 
TrendWatch Hijack This Web Protection Add-On
Free Online Virus Scan Rootkit Buster Submit Suspicious Files
Global Malware Map RUBotted? Trend Micro
 



    		 
© Copyright 2010 Trend Micro Inc. All rights reserved. Legal Notice