Looks like the Waledac Authors wore the Couponizer theme out, and have now switched to a new headline "Terror Attack" theme. Headline News themes are nothing new to botnets like Waledac, as the Storm Worm used them a few times with fairly decent infection rates. Another note of interest with this attack is the continued usage of GeoIP data to customize the news article for visitors. I utilized several web proxies and the Waledac GeoIP database seems to provide extremely accurate IP to Location results. Take a look at a screen grab I took while I was utilizing a Woodstock web proxy.
Read the full article
http://www.sudosecure.net/archives/508
No comments:
Post a Comment