PWS-Zbot.gen.cc Description
Type: Trojan
Beware of an email scam that distributes the PWS-Zbot.gen.cc Trojan. The scam email claims to come from DHL, the popular international courier service. It tries to convince the victim that a shipment is on the way and that an attached file must be opened in order to track the package and obtain more information on the shipment. However, opening the file attached to this bogus DHL email will infect the victim's computer with the PWS-Zbot.gen.cc Trojan. It is easy to be fooled by this scam, because the criminals behind PWS-Zbot.gen.cc have managed to spoof an email address that looks quite authentic, appearing to originate from an official DHL server. For this reason, ESG malware analysts strongly recommend never opening links or downloading attachments contained in unexpected emails, even if they appear to come from a legitimate source.
The fake email from DHL is a fairly passable imitation of legitimate emails from this courier company. It contains links to the official, legitimate DHL website, and its language is typical of official emails from the company. This is why caution should be exercised when dealing with unexpected emails. Even so, it is highly unlikely that a legitimate email from DHL would prompt a user to open an attached file in order to receive more information on a particular shipment. Requests of this kind should raise suspicion, since they are typical of how most phishing scams and email frauds operate.
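The two signals described above (a sender that claims to be DHL without passing sender authentication, and an attachment the recipient is told to open) can be checked mechanically. The following is an added example, not code from ESG or DHL; the addresses, file names, header values and the list of risky extensions are constructed assumptions.

```python
import email
from email import policy
from email.message import EmailMessage
from email.utils import parseaddr

BRAND = "dhl"  # brand the lure impersonates, per the page
# Assumption: file types treated as risky in an unsolicited shipping notice.
RISKY_EXT = (".exe", ".scr", ".pif", ".js", ".vbs", ".zip", ".rar")

def triage(raw: bytes) -> list:
    """Return reasons a message resembles the attachment-based courier lure."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    display, addr = parseaddr(str(msg.get("From", "")))
    domain = addr.rpartition("@")[2].lower()
    if BRAND not in display.lower() and BRAND not in domain:
        return []  # message does not claim to be the courier
    reasons = []
    # Authentication-Results is written by the receiving server (RFC 8601);
    # assumption: the gateway strips any copy supplied by the sender.
    auth = " ".join(str(h) for h in msg.get_all("Authentication-Results", []))
    for mech in ("spf", "dkim", "dmarc"):
        if f"{mech}=pass" not in auth.lower():
            reasons.append(f"{mech} not passed")
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if name.endswith(RISKY_EXT):
            reasons.append(f"risky attachment: {name}")
    return reasons

def build_sample(sender, auth, attachment=None) -> bytes:
    """Construct a test message; all addresses and names are made up."""
    m = EmailMessage()
    m["From"] = sender
    m["To"] = "user@corp.example"
    m["Subject"] = "Your shipment is on the way"
    m["Authentication-Results"] = auth
    m.set_content("Open the attached file to track your package.")
    if attachment:
        m.add_attachment(b"placeholder", maintype="application",
                         subtype="octet-stream", filename=attachment)
    return bytes(m)

if __name__ == "__main__":
    lure = build_sample("DHL Express <tracking@dhl.example>",
                        "mx.corp.example; spf=fail; dkim=none; dmarc=fail",
                        "DHL_tracking.zip")
    for reason in triage(lure):
        print(reason)
```

A message that passes all three authentication checks and carries no risky attachment returns an empty list, so the check is a triage aid for the pattern described here rather than a verdict on its own.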
The Trojan contained in this fake DHL email, PWS-Zbot.gen.cc, also detected as Win-Trojan/Obfuscated.Gen, is a fairly typical backdoor Trojan. PWS-Zbot.gen.cc is designed to take over your computer system, connect to a remote server and put your computer system in the hands of a criminal. Using the PWS-Zbot.gen.cc infection, a hacker can control your computer system remotely. This level of unauthorized control can be used to perform illegal acts involving the infected computer system. Some examples of activities associated with a PWS-Zbot.gen.cc infection include using the infected computer to send out spam email (including additional copies of the fake DHL email scam), using the infected machine to perform DDoS attacks on specific targets, and using it to cover up other criminal activities such as child pornography rings or money laundering. Computer users should be certain that their anti-malware software is protecting their systems from the PWS-Zbot.gen.cc Trojan.
15 security vendors flagged this file as malicious.