The exploitation of Valentine’s Day by spammers has become an annual event as advertisers attempt to pawn everything. However, Valentine’s Day also gives spammers the perfect opportunity to spread malware and grow their botnets as optimistic Valentine recipients actually look forward to opening messages from perfect strangers.
The Waledec spammers declared their intentions early with a surge of love-themed malicious spam messages circulated in January. Now Waledec is distributing Valentine’s specific spam with subject lines such as “a Valentine card from a friend” and “you have received a Valentine E-card”. The messages, a classic blended threat e-mail attack, suggest that you have been sent a special Valentine’s Day message from a secret admirer and require you to click on a URL link to retrieve your message. Clicking on the link downloads malware instead.
Two other rival spam botnets have also adopted similar tactics with the Donbot botnet suggesting “someone thinks you are very special and has sent you a kiss”. The Pushdo spammers have an even simpler message, asking you to “prepare for Valentine’s Day” and “be ready”.
The Waledec botnet is widely considered by security researchers to be the latest incarnation from the same spam gang that brought us the notorious Storm botnet. So far, Waledec has failed to reach the same level of size and infection that Storm achieved, but this latest Valentine’s Day malicious spam is specifically designed to grow the botnet and increase the spammer’s capability to send even more spam.