There are only 4 days left for Saint Valentine’s Day and this special date is being used again by the worm Waledac to spread itself.
The last variant that use this romantic subject to spread is W32/Waledac.J.worm.
The email messages that are being used for its distribution contains a link which points to a malicious website like the following:
We have found the following malicious domains (be carefull) from which the worm is downloaded:
hxxp://cantlosedata.com
hxxp://losenowfast.com
hxxp://theworldpool.com
hxxp://alldataworld.com
hxxp://mingwater.com
hxxp://alldatanow.com
hxxp://cantlosedata.com
The filenames used by the worm are variable, but they are usually related to love. We have found the following:
run.exe, ecard.exe, programm.exe, lovekit.exe, runme.exe, start.exe, loveexe.exe, save.exe….
Waledac loves San Valentin, so be careful lovers 😉