Malware authors are using IP tracking methods to deliver the latest variant of malware. It’s reported that the malware Waledec sends localized news to the victims using GeoIP technologies. The malware lure the user by sending news about recent terror attacks in their city and other heavily localized news. Once infected with the malware the computer joins the Storm botnet and act as zombie.

However, this is not the first time Waledac attempted to use this localization technique. Waledac has been using this GeoIP functionality back in February, when the botnet sent fake coupons. Mal/Waledec-A is a malicious program frequently associated with the W32/Waled-Gen family of worms.

Explore More

Koobface; The Facebook virus. Latest in the list of social networking virus

Virus developers are still targeting social networking users to distribute the virus. The “friendly nature” of the social networking sites makes it easier to spread the worm quickly. Most users

Read More

Non-persistent XSS vulnerabilities Sam’s Whois

Sam’s Whois is a free php class with supporting scripts which make adding a domain name whois lookup to your website incredibly simple. Main Features * All major tlds supported

Read More

Tracking Down A BotNet

This will not be very long, nor will I go into excessive amounts of detail into the tools and steps required. The purpose of this paper is simply to help

Read More