Malware Writers Send an Early Valentine (if outbreaks are a sign of love)

by

Commtouch Labs is reporting mid-level volumes of a love-themed blended attack generated from zombies. The messages are tiny (around 2k), and have a love-oriented subject (e.g. “Memories of you”), and a short love-oriented message in the body (e.g. “A token of my love”; “falling in love with you”; “Happy I’ll be your bride”), with a link to a malware site. The hyperlink is an IP address, which is another immediate indicator of a zombie-attack. Below is a screenshot of a web site the attack leads to.

With Love Virus Screenshot

Some sample subject lines include:

  • A Dream is a Wish
  •  A Is For Attitude
  •  A Kiss So Gentle
  •  A Rose
  •  A Rose for My Love
  •  A Toast My Love
  •  A Token of My Love
  •  Come Dance with Me
  •  Come Relax with Me
  •  Dream of You
  •  Eternal Love
  •  For You….My Love
  •  Heavenly Love
  •  Hugging My Pillow
  •  I Dream of you
  •  I Love Thee
  •  I Love You Because
  •  I Love You Soo Much
  •  I Would Dream
  •  If Loving You
  •  Inside My Heart
  •  Love Is…
  •  Love Remains
  •  Magic Power Of Love
  •  Memories of You
  •  Miracle of Love
  •  My Love
  •  Our Journey
  •  Our Love is Free
  •  Our Love is Strong
  •  Our Love Nest
  •  Our Love Will Last
  •  Pages from My Heart
  •  Path We Share
  •  Sending You All My Love
  •  Sending You My Love
  •  Sent with Love
  •  Special Romance
  •  Surrounded by Love
  •  The Dance of Love
  •  The Miracle of Love
  •  The Mood for Love
  •  The Moon & Stars
  •  The Time for Love
  •  When I’m With You
  •  Why I Love You
  •  Words in my Heart
  •  You’re in my Soul
  •  You’re my Dream
  •  You’re the One
  •  You… In My Dreams

So the big question is… is there some lovers’ holiday today that I am unaware of that malware writers are trying to make a social engineering connection to? Or perhaps the spammers got mixed up & thought Valentine’s Day is January 15 instead of February 14? (1+15 and 2+14 do both add up to 16…ok, that’s just ridiculous). Perhaps they are beta testing their planned VDay outbreak which will be even more massive & destructive?

Go back