Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    September 2015
    S M T W T F S
    « Aug    
  • Email Subscription

  • About Us

    Along with the flowers, heart-shaped boxes of chocolates, and other sundry Valentine’s Day gifts that come rolling in at this time of the year, there are always malware attacks attempting to take advantage of the holiday.

    A recently reported case of malware-related spam contains a short Valentine’s message — and with an embedded URL that leads to malicious content, under the guise of L’amor:

    Figure 1. Sample spam email

    Upon clicking the link, it opens a browser and directs to a Valentine’s Day-themed website.

    Figure 2. Valentine’s-themed website with links to malicious files

    The site contains a short message and links which when clicked asks the user to download the file vcard.exe, that is allegedly a tool that allows the victim to create personalized Valentine’s e-card.

    Figure 3.Prompt to download malicious file

    The malicious file is actually a WALEDAC variant detected, specifically detected as WORM_WALEDAC.BG. This doesn’t really come on as a surprise, since WALEDAC variants have been previously served through e-card spam:

    WORM_WALEDAC.BG automatically executes at every system startup and propagates by spamming copies of itself. It steals email addresses stored in infected PCs and sends its gathered information to malicious IP addresses. The Trend Micro Smart Protection Network already detects this worm and prevents it from executing.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon

    Comments are closed.


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice