New E-holiday Card Virus Discovered
Researches at ESET are reporting a new e-card virus which appears to be similar to the Storm virus that plagued us all. It seems that this critter asks the user to clcik on a link in the greeting card which release the attack.
According to this article which states:
Like the Storm worm, the latest worm, which anti-virus vendor ESET callsW32/Waledac, consists of an e-mail telling recipients they have received an e-holiday card and asking them to click on a link pointing to a file namedecard.exe to read it.
But W32/Waledac’s capabilities go way beyond those of the Storm worm, which took over up to 50 million PCs, according to security experts. Bureau said it uses the OpenSSL open source library and can download and verify cryptographic certificates and communicate with Web servers using the Secure Sockets Layer (SSL)
However, W32/Waledac only uses four domain names, and that makes it easy to block out, Bureau said. “The network administrator in an enterprise network just has to block those four names from their DNS servers,” he explained.
I sincrely hope that the idiots who wrote this virus have an unpleasant holiday.
Comments welcome.
6 Comments
azscorp
December 23rd, 2008
at 9:13pm
What are the four domain names so we can block it?
Thanks
Ron Schenone
December 24th, 2008
at 8:03am
I found this on the Symantec site. It lists all of the ISP’s but not the specific domain names. Hope this helps.
http://www.symantec.com/norton/security_response/writeup.jsp?docid=2008-122308-1429-99&tabid=2
Ron Schenone
December 26th, 2008
at 3:12pm
Test
Den
December 28th, 2008
at 8:57am
Congradulations … It’s Workin Again. .!
Crillz
December 30th, 2008
at 9:46am
What if turns out to be Symantec that creates all this just to keep you buying more?
‘Twas Two Nights Before Christmas | Chris Pirillo
January 3rd, 2009
at 12:39am
[...] A new e-Holiday card virus was discovered today. [...]