Blog for hpHosts, and whatever else I feel like writing about ....

Sunday 15 March 2009

Waledac Theme - Reuters: Terror Attack

Looks like the Waledac Authors wore the Couponizer theme out, and have now switched to a new headline "Terror Attack" theme. Headline News themes are nothing new to botnets like Waledac, as the Storm Worm used them a few times with fairly decent infection rates. Another note of interest with this attack is the continued usage of GeoIP data to customize the news article for visitors. I utilized several web proxies and the Waledac GeoIP database seems to provide extremely accurate IP to Location results. Take a look at a screen grab I took while I was utilizing a Woodstock web proxy.


Read the full article
http://www.sudosecure.net/archives/508

No comments: