Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    September 2015
    S M T W T F S
    « Aug    
  • Email Subscription

  • About Us

    8:16 am (UTC-7)   |    by

    After attempting to shock us with dire news of terrorist bombings, Waledac now attempts to entice us with offers of spying somebody else’s (notably a lover’s) SMS messages.

    Click for larger view Click for larger view

    The links in the spammed messages shown above lead to a malicious website, which offers a 30-day trial for a SMS (Short Messaging Service) Spying software. The link “Download Free Trial” leads to the download of an .EXE file which installs a Waledac bot into the user’s system. So if you must ask, no, it is not legitimate SMS spy software.

    Click for larger view

    While downloaded Waledac variants are found constantly changing from time to time, Trend Micro managed to extract several of these variants, and are now detected as the following:

    More variants are expected to surface soon, as there are several domains hosting the malicious files. Users need not worry about this threat however, as the Smart Protection Network already blocks the domains from which the Waledac variants are hosted.

    This current Waledac campaign, which is nastier than the recent Waledac spam runs (the online casino spam run being the latest) is actually ripping off the website of a software vendor that is indeed selling spy software for SMS.

    Click for larger view

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice