– Waledac.C is a worm that spreads by email in fake Valentine’s Day e-greeting cards
 

This is a classic in the malware world. As February 14 approaches, security vendors start to detect dozens of malware strains aimed at infecting users’ computers using Valentine’s Day as bait. The first one to appear this year has been the Waledac.C worm.

As is usually the case in this type of attack, Waledac.C spreads by email trying to pass itself off as a greetings card sent for Valentine’s Day to the targeted user. The email message includes a link to download the card. However, if the user clicks the link and accepts the subsequent file download they will actually be letting the Waledac.C worm into their computer. You can see at image at http://www.flickr.com/photos/panda_security/3227767277/

 These malicious files have Valentine’s Day-related romantic names such as: youandme.exe onlyyou.exe you.exe meandyou.exe Once it has infected the computer, the worm uses the affected user’s email to send out spam. To do this, it collects all the email addresses stored on the user’s computer, and sends them an email message like the one above in order to trick other users into downloading the malware strain.

“The fact that cyber-crooks keep using this technique year after year shows that, old as it may be, it still causes a large number of infections”, says Luis Corrons, Technical Director of PandaLabs.

For more information about this malware strain, go to the PandaLabs blog http://pandalabs.pandasecurity.com/archive/Waledac-Storm-worm_2E002E002E00_-New-Target_3A00_-Valentine_1920_s-day.aspx