Many security professionals say it's the evolution of another famous botnet: Storm, or Nuwar depending on the antivirus company.
Like Storm, one of the most interesting features of Waledac, besides the use of advanced techniques such as Fast-Flux, are the strategies of social engineering, which in his case began with a propaganda campaign on the day of love and renewed every so often, with his latest maneuver a course program for sending SMS messages.
However, Waledac also uses web positioning techniques used in unethical ways to attract strategic arrivals to different domains, which is now redirected to the fraudulent online pharmacy, which used to spread the trojan, called Black Hat SEO.
Some of the domains used by this threat are:
yourvalentineday .com
virtualesms .com
usabreakingnews .com
urbanfear .com
terrorismfree .com
terrorfear .com
terroralertstatus .com
smspianeta .com
smsdiretto .com
smsclubnet .com
photoblogsite .com
orldlovelife .com
nuovosms .com
mobilephotoblog .com
miosmsclub .com
globalantiterror .com
freeservesms .com
freecolorsms .com
fearalert .com
easyworldnews .com
Each of the domains were created as a strategic thinking, using words to form the composition of the URL. Among them:
valentine - your - day - virtual - sms - break - king - news - urban - terror - fear - mobile - china - blog - life - best - anti - poems - ship - love - central - online - great - coupon - club - ltd - free - adore - poem - lyric - world - sales - super - portal - code - site - eye - blue - dot - funny - smart - group - fun - songs - wireless - city - wap - link - good - review - who - cher - help - radio - report - the - lovers - long - fm - michigan - chat - loving - romantics - track - cherish - space - my - digital - country - discount - tax - tnt - letter - against - mazda - car - speed - zone - dealer - cars - buy - tribute - auto - motive - parts - death - taxi - work - care - direct - pet - cab - bead - net - ming - water - data - lose - can - pool - all - pond - wager - team - doc - now - fast - bank - expo - wale - job - barack - obama - guide - greeting - december - christmas - lights - year - regards - white - mira - bella - project - company - top - father - its - media - just - gift - garb - live - cheap - service - home - black
This responds to the campaign of Black Hat SEO Waledac that used to attract potential victims, and increasingly malicious code used to achieve a web positioning so that ensures early access to malicious sites created to spread malware.
Related Information
Waledac. Follow-up of a latent threat - Spanish version
Waledac more loving than ever - Spanish version
Waledac, Social Engineering and San Valentine Day - Spanish version
# Jorge Mieres
No comments:
Post a Comment