You are here: Home / ID Theft / Waledac Valentine’s Day attack stopped by ZoneAlarm ForceField. Are we the only ones?
Feb
13
2 comments so far, join the conversation.

Waledac Valentine’s Day attack stopped by ZoneAlarm ForceField. Are we the only ones?

Waledac Valentine’s Day attack stopped by ZoneAlarm ForceField. Are we the only ones?

by John Gable

 

Another Valentine's Day special.

 

You may have been reading how the Waledac botnet, a successor to the Storm botnet, has come to haunt your Valentine's Day.

 

This botnet is running a Valentine’s Day "campaign" soliciting people with phony Valentine’s themed e-mails and greeting cards. When users click through to a Web site to receive their messages, malicious software is silently and automatically downloaded to their computer. The malicious software can do any number of nasty things such as logging and transmitting everything a user types, stealing their credit card numbers and online passwords, and turning their computer into a launch pad to attack others.

 

With over 1000 variants in just one day, this is very hard to stop.  Perhaps impossible to stop for typical antivirus software that relies on lists of known threats.

 

This is yet another example of how important browser security has become.  We need to stop attacks like these at the point of entry – the web browser – and prevent that malware from getting onto the PC in the first place.

 

Thank you ZoneAlarm ForceField.  Just add ZoneAlarm ForceField to IE or Firefox, and you will be protected from attacks like this.  Our browser security prevents this and other attacks from hacking your PC by keeping the browser inside a "virtual sandbox" where malware can not access your system.  It also includes other powerful browser defenses like dual-engine anti-phishing (signatures and heuristics) and more.

 

Question:

 

So far, ZoneAlarm ForceField is the only mainstream consumer security product I can find that blocks this attack and the other Waledac botnet attacks starting on day one.  Anti-spam should block some or most of the spam that initiates this attack, but it is rarely 100% reliable.  Good internet sense may stop you from clicking on the link, but who knows, maybe you do have a Valentine somewhere that loves you.  There are some techy PC virtualization and sandbox software programs out there, but they are too cumbersome for most people. 

 

Is there a better way to block this attack?

 

PS.  If you want to learn more about the Waledac Valentine's Day attack, the Waledac botnet or Storm botnet, these are my favorite posts on the subject:

 

Malware Writers Use Multiple Botnets to Spread Valentine's Day Heartache

eWeek by Brian Prince

 

Another Waledac Valentine's Day Spam Run Has Started

MX Logic IT Security Blog

 

New And Improved Storm Botnet Morphing Valentine's Malware

Dark Reading by Kelly Jackson Higgins

2 Reader Comments
to “Waledac Valentine’s Day attack stopped by ZoneAlarm ForceField. Are we the only ones?”
  1. Fredrik ON February - 4:34 pm

    I continously get a problem of upgrading ZA free version using the zaSetup_en.exe file. The exe starts allright but after 100 % downloading I get an error message and the only available option that functions is “cancel download”. This situation has not changed in one week. Something is corrupt in the downloader. Why this is not beeing coirrected I just can’t guess.

    Reply
  2. Fredrik ON February - 4:40 pm

    One more thing , I chose the option download (using the zaSetup.exe).
    /fredrik

    Reply

Post a Comment

*