W32.Waledac: Threat Analysis

Date Added: Aug 2009
Format: PDF

W32.Waledac is a worm that uses social engineering and certain client side vulnerabilities in order to propagate. The worm has functionality to download and execute binaries, act as a network proxy, send spam, mine infected computers for data, such as email addresses and passwords, and perform Denial of Service (DoS) attacks. Symantec started noticing a burst in W32.Waledac activity around the third week of December in 2008. At that time it began spamming Christmas themed emails and turning compromised computers into spam bots.