Researchers with Shadowserver Foundation think they are seeing some new tricks from an old botnet. And it could mean a comeback in 2011 The Storm/Waldec botnet may be behind a new spam campaign that was recently launched to kick off 2011. According to researchers with Shadowserver Foundation, the campaign is designed to look like a New Year’s-themed e-card. Users receive a message that says “Charley has created a New Year e-card. To view this page please click here.” The user is then directed to a server that asks them to download a Flash player, which in turn installs malware onto the user’s machine. Get a behind the scenes look at how the Shadowserver Foundation works in The Botnet Hunters“At first it looked like your regular old holiday e-card scams that have been around for years. However, upon closer inspection it looks like we could be dealing with the next generation of Storm Worm or Waledac,” said Steven Adair of Shadowserver in a post. “If you consider Waledac to be Storm Worm 2.0, this looks like it could be version 3.0 or at least Waledac 2.0.”According to Shadowserver, among some of the newer components of the latest spam effort are new malicious domains that are fast flux, links are to several hacked websites hosting HTML pages that refresh to new malicious domains, and malware that’s been updated to look a bit more like legitimate than past variants. More about botnets What a botnet looks like The botnet hunters Report: Rustock still top dog among spam botnets With botnets everywhere, DDoS attacks get cheaper “We have not done any analysis to see if there are actually any pieces of the code that were directly taken or updated from the Storm Worm or Waledac code,” the post states. “However, whether or not the code is the same or not, this appears to be the next generation of Storm Worm and Waledac. We are just saying it could be Storm Worm 3.0, at least until someone gives it a better name. “First detected in 2007, Storm botnet was responsible for large volumes of spam for more than two years until a decline in late 2008. Last April researchers with McAfee said rumors of a Stormbot 2 had been verified. Related content news UK government plans 2,500 new tech recruits by 2025 with focus on cybersecurity New apprenticeships and talent programmes will support recruitment for in-demand roles such as cybersecurity technologists and software developers By Michael Hill Sep 29, 2023 4 mins Education Industry Education Industry Education Industry news UK data regulator orders end to spreadsheet FOI requests after serious data breaches The Information Commissioner’s Office says alternative approaches should be used to publish freedom of information data to mitigate risks to personal information By Michael Hill Sep 29, 2023 3 mins Government Cybercrime Data and Information Security feature Cybersecurity startups to watch for in 2023 These startups are jumping in where most established security vendors have yet to go. By CSO Staff Sep 29, 2023 19 mins CSO and CISO Security news analysis Companies are already feeling the pressure from upcoming US SEC cyber rules New Securities and Exchange Commission cyber incident reporting rules don't kick in until December, but experts say they highlight the need for greater collaboration between CISOs and the C-suite By Cynthia Brumfield Sep 28, 2023 6 mins Regulation Data Breach Financial Services Industry Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe