Waledac Botnet Infections Map

Photo:  Microsoft

Waledac is a worm that is capable of harvesting and forwarding password information.

It is capable of receiving commands from a remote server. Commands include instructions on functions to perform (for example, update malware components or send information from the infected computer).

Waledac spreads in an e-mail attachment. The name of the e-mail attachment is always “ecard.exe”. The contents of the e-mail message vary, and the message may use any of the following subject lines:
• A Christmas card from a friend
• A special card just for you
• Christmas Ecard Notification
• Christmas Ecard Special Delivery
• Christmas Wishes!
• Christmas card for you
• Christmas greetings e-card is waiting for you
• Christmas greetings for you
• Christmas greetings from your friend
• Greeting for you!
• Happy Christmas!
• Have a warm an lovely Christmas!
• I sent you the ecard
• Joyful Christmas!
• Merry Christmas ‘N Happy New Year!
• Merry Christmas 2009!
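A mail-gateway style check for the two indicators described above (the fixed attachment name and the listed subject lines), given here as an added example rather than Microsoft's own detection logic. The function names, sample addresses and sample payload are constructed for illustration; a subject match on its own is a weak signal, since seasonal greetings are common in legitimate mail.

```python
import email
from email import policy
from email.message import EmailMessage

QUOTES = str.maketrans("\u2018\u2019", "''")

def normalize(text):
    """Fold case, curly quotes and whitespace so trivial variations still match."""
    return " ".join(text.translate(QUOTES).split()).casefold()

# Indicators taken from the description above.
ATTACHMENT = normalize("ecard.exe")
SUBJECTS = {normalize(s) for s in (
    "A Christmas card from a friend", "A special card just for you",
    "Christmas Ecard Notification", "Christmas Ecard Special Delivery",
    "Christmas Wishes!", "Christmas card for you",
    "Christmas greetings e-card is waiting for you",
    "Christmas greetings for you", "Christmas greetings from your friend",
    "Greeting for you!", "Happy Christmas!", "Have a warm an lovely Christmas!",
    "I sent you the ecard", "Joyful Christmas!",
    "Merry Christmas 'N Happy New Year!", "Merry Christmas 2009!",
)}

def waledac_indicators(raw_message):
    """Return which of the two indicators a raw RFC 5322 message matches."""
    # policy.default decodes RFC 2047 encoded-word subjects and filenames.
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    hits = []
    # walk() also visits nested multipart parts and forwarded messages.
    names = {normalize(p.get_filename() or "") for p in msg.walk()}
    if ATTACHMENT in names:
        hits.append("attachment")
    if normalize(str(msg.get("Subject", ""))) in SUBJECTS:
        hits.append("subject")
    return hits

def build_sample(subject, filename=None):
    """Constructed test message; addresses and payload bytes are made up."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "a@example.com", "b@example.com", subject
    m.set_content("You have received an e-card.")
    if filename:
        m.add_attachment(b"MZ", maintype="application",
                         subtype="octet-stream", filename=filename)
    return m.as_bytes()

if __name__ == "__main__":
    print(waledac_indicators(build_sample("Happy  christmas!", "ECARD.EXE")))
    print(waledac_indicators(build_sample("Quarterly report", "report.pdf")))
```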

Microsoft has announced that they brought the Waledac botnet down by cutting off over 270 domains suspected of channeling command and control instructions. The legal action and associated operations were code-named Operation b49.

“Early data from Microsoft and other researchers indicate that our actions have effectively decimated communications within the Waledac bot network,” said Jeff Williams, director of the Microsoft Malware Protection Center. “That’s good news because it indicates that Operation b49 effectively severed between 70,000 and 90,000 computers from this botnet.”