Notorious Zbot Banking Trojan Ramping Up To Flood Inboxes With Malware

By GoldSparrow in Computer Security

Attackers are making a new push to infect computer users with the notorious Zbot (or Zeus) banking Trojan, which means we could be facing an epidemic of online banking theft.

We have noticed that the spammers behind this campaign are emailing users to tell them that their email accounts have been deactivated and instructing them to run a file which is, as you may have already guessed, an infected attachment that installs malware on the user’s computer.

The malicious emails carry the subject line “your mailbox has been deactivated” and claim that the user will be contacted in regard to unusual activity identified on their mailbox. The messages read:

“As a result, your mailbox has been deactivated. To restore your mailbox, you are required to extract and run the attached mailbox utility.”

The emails are forged to appear as arriving from the email address “notifications@[address].com”, using the same domain as the user’s account. Therefore, if your email address is name@something.com, the spam mail will have its From field spoofed to be notifications@something.com. This is a clever way for hackers to impersonate your ISP or another “trusted” source so that users are more apt to open and download the malicious attachment.

The file attached to the spam email is called “utility.zip” and contains a malicious executable identified as Mal/EncPk-LP. This malware deploys other Trojan downloaders from different hosts, which eventually install a malicious Trojan horse called TrojWare.Win32.TrojanSpy.Zbot.Gen (Trojan-Spy.Win32.Zbot.gen).
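The three traits described above (the subject line, a notifications@ sender on the recipient's own domain, and a zip attachment holding an executable) can be checked at a mail gateway. The following Python sketch is an added example, not code from the original post; the function names, the extension list, and the sample message (including the member name utility.exe) are constructed for illustration.

```python
import email, io, zipfile
from email import policy
from email.message import EmailMessage
from email.utils import parseaddr

LURE_SUBJECT = "your mailbox has been deactivated"   # subject line quoted in the post
EXEC_EXT = (".exe", ".scr", ".pif", ".com", ".bat", ".cmd")  # assumed extension list

def _addr(header):
    """Bare lower-case address from a From/To header ('' if absent)."""
    return parseaddr(str(header or ""))[1].lower()

def lure_indicators(raw_bytes):
    """Return the campaign traits found in one raw RFC 5322 message."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    hits = []
    if LURE_SUBJECT in str(msg["Subject"] or "").lower():
        hits.append("subject")
    sender, rcpt = _addr(msg["From"]), _addr(msg["To"])
    # From is notifications@<the recipient's own domain>
    if sender.startswith("notifications@") and \
            sender.rpartition("@")[2] == rcpt.rpartition("@")[2]:
        hits.append("from-spoofs-recipient-domain")
    for part in msg.iter_attachments():
        if not (part.get_filename() or "").lower().endswith(".zip"):
            continue
        try:
            with zipfile.ZipFile(io.BytesIO(part.get_payload(decode=True))) as zf:
                members = zf.namelist()   # names are readable even if entries are encrypted
        except zipfile.BadZipFile:
            hits.append("unreadable-zip")  # malformed archive: flag for manual review
            continue
        if any(m.lower().endswith(EXEC_EXT) for m in members):
            hits.append("zip-contains-executable")
    return hits

def build_sample(from_addr, to_addr, subject, member_name):
    """Constructed test message; the zip member holds placeholder text only."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member_name, "placeholder")
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = from_addr, to_addr, subject
    msg.set_content("To restore your mailbox, you are required to extract and run "
                    "the attached mailbox utility.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="utility.zip")
    return msg.as_bytes()

if __name__ == "__main__":
    sample = build_sample("notifications@something.com", "name@something.com",
                          "Your mailbox has been deactivated", "utility.exe")
    print(lure_indicators(sample))
```

A forged From header on your own domain is also what SPF, DKIM and DMARC enforcement on inbound mail is designed to reject, so this content check complements those controls rather than replacing them.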

The Zbot Trojan, also known as Zeus, is a family of sophisticated Trojan stealers programmed to hijack online banking credentials and deviously transfer money to accounts controlled by hackers. Email spam is quickly becoming the preferred method of distribution for Trojans. UK Vodafone customers, Verizon mobile customers and Facebook users have recently been targets of this specific type of attack. Users of such services should be aware and use caution when opening messages that contain attachments or embedded links.

This entry was posted on 11/18/09 and is filed under Computer Security.

Copyright 2003-2010. Enigma Software Group USA, LLC. All Rights Reserved.