According to researchers at several security companies, including , and , spam campaigns are in gear that try to trick users into visiting malicious Web sites hosting variations of "Waledec," the Trojan horse thought to be the successor to Storm.

Sam Masiello, vice president of information security at MX Logic, was to call attention to the attacks, which begin with one-line spam messages such as "Haven't you heard latest news about our president-elect?", "Barack Obama abandoned sinking ship," and "Obama doesn't wany [sic] anymore to be a president."

The links in those messages lead to a legitimate-looking site that resembles the . The fake site contains both bogus and real news stories. At the top of the page is a story with the headline "Barack Obama has refused to be a president," that includes text which reads, "On the Eve of Inauguration Day President-elect Barack Obama made statement. He declared that he is definitely NOT ready for this position."

Clicking on a link to read more of the story triggers a download of an executable file that is in fact a , according to researchers at Trend Micro and F-Secure.

Waledec has been linked to 2008's Storm by researchers including , director of research at Atlanta-based SecureWorks Inc. and one of the leading experts on botnets. Last week, of the world's biggest botnets, and put Waledec in the No. 9 spot with an estimated 10,000 hijacked Windows PCs under its control.