Websense Security Labs™ ThreatSeeker™ Network has detected yet another new Waledac campaign theme in the wild. The new variant uses an Independence Day theme as a social engineering mechanism. The United States of America celebrates Independence Day on July 4 each year.
The malicious emails that are sent use subjects and content related to Independence Day, Fourth of July and fireworks shows.
The malicious Web sites in the current attack also have a July 4 or fireworks theme within the domain name. ThreatSeeker has been monitoring the registration of these domains. Should the user click on the video, which is designed to appear to be a YouTube video, an .exe is offered. When downloaded the .exe would install the latest Waledac variant onto the user’s machine.
And at the same time i want to take this opportunity to wish you Happy 4th of July!
[Source: Websense Security Lab]
make sure you subscribe to my RSS feed!