First Valentine’s Day malware attacks

As February 14 approaches, security vendors start to detect dozens of malware strains aimed at infecting users’ computers using Valentine’s Day as bait. The first one to appear this year has been the Waledac.C worm.

As is usually the case in this type of attack, Waledac.C spreads by email trying to pass itself off as a greetings card sent for Valentine’s Day to the targeted user. The email message includes a link to download the card. However, if the user clicks the link and accepts the subsequent file download they will actually be letting the Waledac.C worm into their computer.

These malicious files have Valentine’s Day-related romantic names such as:

youandme.exe
onlyyou.exe
you.exe
meandyou.exe

Once it has infected the computer, the worm uses the affected user’s email to send out spam. To do this, it collects all the email addresses stored on the user’s computer, and sends them an email message like the one above in order to trick other users into downloading the malware strain.

Source: Panda Labs.