Waledac spammers fake ‘bomb blast’ news story
Malware authors use geolocation technology to make the attack more convincing and persuade users to click on malicious links.

Security vendors have warned about a new social engineering attack that delivers fake news stories linking to malware.
The new attack tries to persuade users to watch a maliciously crafted fake Reuters video of a bomb attack' by downloading a version of Flash player, which is in reality malware.
The Waledac trojan had previously targeted users through Valentine's spam in February.
However, this attack appears to be particularly clever, as the malicious websites have been engineered using geolocation technology to report the location of the incident to correspond with the user's IP address. "Don't be fooled by the location. The site is running a couple of clever scripts," said Rik Ferguson of Trend Micro on the company's security blog.
"One of them will detect the location of your IP address and vary the location of the disaster accordingly. The other will vary the name of the downloaded file (news.exe, save.exe, run.exe etc.)"
He said it was further evidence that botnet authors were actively filling the void left behind by the fall of the Storm botnet and the McColo server takedown.
Security vendors Sophos and Websense also reported the attacks.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
-
Outgoing Kaseya CEO teases "this is just the beginning" for the company
Opinion We spoke to Fred Voccola who remains a key figurehead at the firm as it enters its next chapter...
-
Why Microsoft thinks diversity will keep security workers relevant in the age of agentic AI
News Improved AI skills and a greater focus on ensuring agents are secure at point of deployment will be key for staying ahead of attackers
-
96% of SMBs are missing critical cybersecurity skills – here's why
News The skills shortage hits SMBs worse as they often suffer from a lack of budget and resources
-
Sophos Firewall Virtual review: Affordable network protection for those that like it virtualized
Reviews Extreme network security that's cheaper than a hardware appliance and just as easy to deploy
-
MSPs are struggling with cyber security skills shortages
News A shortage of tools and difficulties keeping pace with solutions were also ranked as key issues for MSPs
-
Nearly 70 software vendors sign up to CISA’s cyber resilience program
News Major software manufacturers pledge to a voluntary framework aimed at boosting cyber resilience of customers across the US
-
Sophos and Tenable team up to launch new managed risk service
News The new fully managed service aims to help organizations manage and protect external attack surfaces
-
Ransomware groups are using media coverage to coerce victims into paying
News Threat actors are starting to see the benefits of a more sophisticated media strategy for extracting ransoms
-
Shrinking cyber attack “dwell times” highlight growing war of attrition with threat actors
News While teams are becoming more proficient at detecting threats, attackers are augmenting their strategies
-
Cyber security in the retail sector
Whitepapers Retailers need to ensure their business operations and internal data aren't breached