There are only 4 days left for Saint Valentine’s Day and this special date is being used again by the worm Waledac to spread itself.
The last variant that use this romantic subject to spread is W32/Waledac.J.worm.
The email messages that are being used for its distribution contains a link which points to a malicious website like the following:
We have found the following malicious domains (be carefull) from which the worm is downloaded:
hxxp://cantlosedata.com
hxxp://losenowfast.com
hxxp://theworldpool.com
hxxp://alldataworld.com
hxxp://mingwater.com
hxxp://alldatanow.com
hxxp://cantlosedata.com
The filenames used by the worm are variable, but they are usually related to love. We have found the following:
run.exe, ecard.exe, programm.exe, lovekit.exe, runme.exe, start.exe, loveexe.exe, save.exe….
Waledac loves San Valentin, so be careful lovers 😉
Panda Security specializes in the development of endpoint security products and is part of the WatchGuard portfolio of IT security solutions. Initially focused on the development of antivirus software, the company has since expanded its line of business to advanced cyber-security services with technology for preventing cyber-crime.
