Posted by: Barracuda Labs
After months of inactivity, Waledac has begun a new propagation email campaign. Messages in this run all relate to the July 4th holiday; an example is shown below.
From: Elmer Curry < firstname.lastname@example.org >
Date: Sat, 4 Jul 2009 04:37:49
Subject: Happy Birthday, America!
To: < redacted >@orange.fr
Well done 4th! hxxp://axkgi.fireworksnetwork.com/
Similar to Storm’s 2008 July 4th email campaign, clicking on the above link will take the user to a fake YouTube page claiming to offer a video of an expensive fireworks display.
The “video” is actually Waledac malware, which will infect the user’s system if they attempt to “view” it. AV detections for these instances are poor.
Users of the PWSS are protected from this campaign.