CA has issued an early warning to computer users around the world that the Win32/Waledec trojan is being readied for launch via spammed Valentine's Day e-cards. Once a computer is infected with the trojan, it can be used as a spam bot while gathering information about the host system and sending the data to accomplice Web servers.
CA researchers noted last week that Waledac's affiliated e-card scam Web sites have updated their content with a Valentine's Day theme-an indication that attacks are being prepared.
Currently, Waledec-related Web sites distribute trojan executables with filenames such as love.exe; onlyyou.exe; you.exe; youandme.exe; and meandyou.exe, but there could be new filenames that surface at any time.
"This threat is to be expected with any card-sending type of holiday, but there often is a new twist each year on delivery," says Andrea Lodolo, CA Africa's manager of technical sales. "With a combination of awareness and ensuring your security software is current, individuals can be safe. Knowing about the threat early – before you find the email in your inbox or get the alert from your IT department-helps ensure individuals don't open the email and click on links that launch the malware. "