For current malware, each event, news or special circumstance is exploited as a method of deception to spread themselves or other malicious code, with the spam ornot the attack vectors used for this purpose.
Our mailboxes are concrete examples that describe this situation. The Valentine's Day (or love) is one of them, and if we look a bit of email spam that inundates us, we will notice that many do make reference to the nearby festival.
In fact, waledac has begun its campaign to spread well before spreading using a typical deceptive image that alludes to lovers whereby downloading a binary called love.exe that far from being loving, infects your computer turning it into a zombie.
As an extra component, the previous campaign by downloading the malware, malicious page containing an exploit. Among them were:
Recently, however, developers have migrated image to one that seeks to find the same degree of "tenderness" download also waledac.
Some of the names used for the binary are:
Waledac uses Fast-Flux networks and some of the domains used to propagate them are:
Many compare it to other malicious code as Nuwar (also known as storm or the storm worm) because of the similarity of their dissemination strategies and performing malicious activities on the infected computer. However, the reality is that waledac is a dangerous malicious code that has formed one of the largest botnet networks of the moment.
Understanding Fast-Flux networks
Danmec Bot, Fast-Flux networks and recruitment of...