Waledac botmasters use Virut malware to build a new botnet
Posted on 15.01.2013
Bookmark and Share
Despite having been swooped down on by security companies and law enforcement a couple of times, the botmasters of the Waledac (Kelihos) botnet refuse to give up and are using new variants to set up new versions of the original botnet.


According to Symantec researchers and the company's telemetry data, the number of computers infected with the W32.Waledac.D variant is on the rise again, and most of them are concentrated in the U.S.

This latest increase can be attributed to the influence of the Virut botnet, which has apparently been hired to distribute the aforementioned Waledac botnet variant.

Waledac's goal is to send out spam emails through servers from a list that it receives from the botnet's C&C servers, and according to the researchers' estimates, that might currently mean anywhere between 1.2 billion to 3.6 billion spam emails per day.

The email subjects vary, but the links contained in them mostly lead to Canadian online pharmacies and counterfeit performance-enhancing drugs.

"The coexistence of Virut and Waledac on a single computer is further example of malware groups using affiliate programs to spread their threats, and that threats can be linked and coexist on an already compromised computer," the researchers concluded.





Spotlight

Identifying security innovation strategies

Posted on 14 April 2014.  |  Tom Quillin is the Director of Cyber Security Technology and Initiatives at Intel Corporation. In this interview he talks about security innovation, current and future threats.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Apr 16th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //