Botnet Threatens to Sour Valentine's Day

Hoping your honey sends you flowers this Valentine's Day? Here's hoping people invest their time and money in more traditional gifts, rather than virtual ones, given the fact that an old Valentine's virus may very well be making a resurgence this year.

Let's face it, there will be guys (and girls) sending electronic Valentine's cards this February 14. With that in mind, it's important everyone is aware of spam masquerading as a sweet love note.

Hoping to dupe web users into downloading the dreaded Waledec bot, spammers have in the past sent emails entitled "short and sweet," "Me and You," and even "In Your Arms". Whether or not you believe your lover might actually type something that corny this Valentine's Day, be careful if anything arrives with these lame-o lines in the subject line.

So, how does the spam scam work?

An email will arrive in a user's inbox with one of the aforementioned syrupy tag lines. Those who open it will be presented with a link promising more sweetness, perhaps in the form of a cupid-inspired animation or greeting card. Instead, they'll end up downloading an executable file that installs the Waledec bot, capable of hijacking a PC remotely. (Source: cnet.com)

The scheme is not new. Similar attacks were made in both 2007 and 2008, and given their rather impressive success rates -- despite increasing awareness last year -- it's not beyond reason that the threat could resurrect itself again this Valentine's.

"It still impresses me that tactics like this continue to work and be so effective, despite how many times it gets recycled," said Sam Masiello, VP of Information Security at MX Logic. "Clearly the old Storm folks are working as hard as they can to build up their new botnet, and are following the old tried-and-true methods." (Source: pcworld.com)

Much like the scheme itself, the Waledec is far from new. It's been infecting computers via greeting card dupes since well before Christmas, with security experts estimating that about 10,000 PCs might have been infected during that time. Although that's a fairly small number for a prominent botnet, Valentine's Day marks an even better opportunity than the holidays for spamming unsuspecting lovers.