The red decorations in stores are for Valentine’s Day now, not Christmas, and this means a special season for security professionals. Most holidays are occasions for hackers to design special messages for phishing campaigns, but it seems more poignant when you’re promised a Valentine and instead get a virus.
This year’s first wave of Valentine’s Day malspam was reported by Brad Duncan on the Internet Storm Center site. The subject lines included greetings like “Always thinking about you,” “I love you,” and “Just for you!” All the attachments had filenames starting with “Love_You_”. The attachment was an executable inside a zip file, and it kicked off the process shown in this figure:
As the diagram shows, the malware downloader was used to hook the victim up to either ransomware, a spambot system, or a cryptocurrency miner, this year’s most popular uses of malware.
Valentine’s Day malware can have devastating effects. The most widespread attack probably occurred in 2000, when the ILOVEYOU worm infected more than 50 million computers, causing damage estimated between $5.5 to $8.7 billion in damages worldwide.
If you’re shopping for a Valentine, then, maybe the best message is a warning. Ah, the times in which we live.