Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    August 2015
    S M T W T F S
    « Jul    
  • Email Subscription

  • About Us

    TrendLabs has received reports of a new worm, which targets Arabic/Persian-speaking regions, spreading in the wild. Detected as WORM_WALLA.B, this worm spreads copies of itself as an attachment to email messages with subject lines and message bodies mostly relating to current events from the said regions (About Iran, Pictures from Gazza, About the Israeli Intelligence, and All the Truth about the American intelligence among others), conforming to the sensational social engineering scheme that has recently become prevalent. When executed, this worm first retrieves a target system’s keyboard layout settings, presumably to determine if the language used is Arabic or Persian, indicating a focused attack on regions using these languages. If the affected system does not conform to the languages, it terminates itself. Like many worms, WORM_WALLA.B gathers target email addresses from Microsoft Outlook. However, using HTTP functions, this worm also gathers email addresses from Yahoo! Mail or Yahoo! Mail Beta. Hence, this worm is another of the growing new generation of threats referred to as Web threats, so-called because they exploit the power of the Internet to wreak havoc. Users, especially from affected regions, are advised to be wary of the said email messages and not to open email attachments from unknown sources.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice