Waledac botmasters use Virut malware to build a new botnet
Posted on 15.01.2013
Despite having been swooped down on by security companies and law enforcement a couple of times, the botmasters of the Waledac (Kelihos) botnet refuse to give up and are using new variants to set up new versions of the original botnet.


According to Symantec researchers and the company's telemetry data, the number of computers infected with the W32.Waledac.D variant is on the rise again, and most of them are concentrated in the U.S.

This latest increase can be attributed to the influence of the Virut botnet, which has apparently been hired to distribute the aforementioned Waledac botnet variant.

Waledac's goal is to send out spam emails through servers from a list that it receives from the botnet's C&C servers, and according to the researchers' estimates, that might currently mean anywhere between 1.2 billion to 3.6 billion spam emails per day.

The email subjects vary, but the links contained in them mostly lead to Canadian online pharmacies and counterfeit performance-enhancing drugs.

"The coexistence of Virut and Waledac on a single computer is further example of malware groups using affiliate programs to spread their threats, and that threats can be linked and coexist on an already compromised computer," the researchers concluded.





Spotlight

(IN)SECURE Magazine issue 43 released!

Posted on 16 September 2014.  |  (IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. This issue covers web application security, mobile hacking, certification, Black Hat, and much more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Sep 17th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //