Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
The Waledac botnet has become active again with 15,000 messages per hour being sent out.
Sam Masiello, vice president of information security at MX Logic, claimed that it had watched the Waledac botnet go through a couple of different phases over the past few weeks after it sent out spam relating to coupons and Valentine's Day.
MX Logic claimed that the latest ‘Couponizer' spoof started on February 22nd and that more Valentine's Day spam was sent from Waledac after Valentine's Day than before. It also claimed that Waledac has now made a copy of couponizer.com with emails sent that link to the spoofed lookalike sites.
Masiello said: "As with many other Waledac/Storm generated websites, just about everything on the page is an image. This is generally a dead giveaway to folks who have been tracking Waledac/Storm for quite some time, but is a minor fact that is likely lost on most users who are unaware they are being duped. These images link to a binary executable file where when downloaded and run by the user enlist their PC into the botnet.
"Nevertheless, it is clear that the Waledac folks are working very hard to build their botnet back up to levels that it was at prior to Microsoft releasing its September 2007 MSRT update which Microsoft claims were responsible for mostly taking down its predecessor, Storm. This botnet clearly isn't just about holidays anymore."