by John Gable
Another Valentine's Day special.
You may have been reading how the Waledac botnet, a successor to the Storm botnet, has come to haunt your Valentine's Day.
This botnet is running a Valentine’s Day "campaign" soliciting people with phony Valentine’s themed e-mails and greeting cards. When users click through to a Web site to receive their messages, malicious software is silently and automatically downloaded to their computer. The malicious software can do any number of nasty things such as logging and transmitting everything a user types, stealing their credit card numbers and online passwords, and turning their computer into a launch pad to attack others.
With over 1000 variants in just one day, this is very hard to stop, and perhaps impossible for typical antivirus software that relies on lists of known threats.
This is yet another example of how important browser security has become. We need to stop attacks like these at the point of entry - the web browser - and prevent that malware from getting onto the PC in the first place.
Thank you, ZoneAlarm ForceField. Just add ZoneAlarm ForceField to IE or Firefox, and you will be protected from attacks like this. Our browser security prevents this and other attacks from hacking your PC by keeping the browser inside a "virtual sandbox" where malware cannot access your system. It also includes other powerful browser defenses like dual-engine anti-phishing (signatures and heuristics) and more.
Question:
So far, ZoneAlarm ForceField is the only mainstream consumer security product I can find that blocks this attack and the other Waledac botnet attacks starting on day one. Anti-spam should block some or most of the spam that initiates this attack, but it is rarely 100% reliable. Good internet sense may stop you from clicking on the link, but who knows, maybe you do have a Valentine somewhere that loves you. There are some techy PC virtualization and sandbox software programs out there, but they are too cumbersome for most people.
Is there a better way to block this attack?
PS. If you want to learn more about the Waledac Valentine's Day attack, the Waledac botnet or Storm botnet, these are my favorite posts on the subject:
Malware Writers Use Multiple Botnets to Spread Valentine's Day Heartache
eWeek by Brian Prince
Another Waledac Valentine's Day Spam Run Has Started
MX Logic IT Security Blog
New And Improved Storm Botnet Morphing Valentine's Malware
Dark Reading by Kelly Jackson Higgins
One more thing, I chose the option download (using the zaSetup.exe).
/fredrik
Posted by: Fredrik | February 22, 2009 at 04:40 PM
I continuously get a problem of upgrading ZA free version using the zaSetup_en.exe file. The exe starts all right but after 100 % downloading I get an error message and the only available option that functions is "cancel download". This situation has not changed in one week. Something is corrupt in the downloader. Why this is not being corrected I just can't guess.
Posted by: Fredrik | February 22, 2009 at 04:34 PM