Waledac suggests spying on your lover's SMS messages

The Waledac botnet is one of the more notorious botnets, well known for its social engineering scams designed to entice unwary users into clicking on malicious links in messages. Last month we blogged about Waledac spam of a fake news headlines regarding bombings in "your local" market.

Today, our spamtraps are full with Waledac’s latest campaign. Waledac is sending a variety of spam messages focusing on a free trial for an SMS text message spying application. The premise for the scam suggests that this application can enable you to eavesdrop on another person’s SMS text messages.

Spam subject lines may look like this:

Spam messages typically claims to offer a new service for spying on another person’s SMS messages:

Opening the link will open a download webpage for a "30-day free trial" of the SMS spy application. As you may have already guessed, the application is really an executable file for the Waledac bot:

It appears that Waledac is imitating a seemingly real but arguably legitimate SMS spying application, that enables you to spy on your lover's SMS messages. Waledac would seem to have turned the tables on recipients who may be taken in by this offer to spy on their loved ones.