According to F-Secure, cybercriminals behind the Waledac botnet used a New Year’s-themed campaign to capture more victims.
SCMagazine reports that the spam messages contained the subject line “Happy New Year 2010” and offered up a link for what the e-mail claims to be a New Year’s greeting card. Only, the link directed users to a domain that attempts to exploit vulnerabilities in Adobe Flash and Reader and Internet Explorer.
Once the Waledac Trojan is installed, attackers get full access to a user’s machine and the ability to steal data from the PC. The infected system can also be used to download fake anti-virus programs, send spam, or participate in distributed DoS attacks.