Tweet

Holidays are almost always the target of significant spam and malware attacks, and this Fourth of July is turning out to be little different. A new WALEDAC variant – detected as WORM_WALEDAC.DU – has been sending out Independence Day spam messages. (In fact, last year there were multiple fourth of July attacks, one of which involved the Storm botnet.)

See sample message below:

These messages contain links to a site which appears to be from Youtube:

Figure 2: The website with the supposed video

The video supposedly shows a fabulous fireworks show, but in reality attempting to play the video results in downloading a copy of WORM_WALEDAC.DU. This particular technique has been used many, many times before, but it’s still quite effective.

Fortunately, however, the malicious file is already detected by the Trend Micro Smart Protection Network, so users don’t need to worry about this threat.