TSPY_ZBOT.SMQH
In October of 2011, PC security researchers identified a new variant of the Zeus Trojan, which has been given the name TSPY_ZBOT.SMQH. TSPY_ZBOT.SMQH appears to be faster and more efficient at relaying messages from the infected computer system to a third party. ESG PC security researchers consider TSPY_ZBOT.SMQH to be part of an organized computer crime ring responsible for several other dangerous malware threats.
Characteristics of the TSPY_ZBOT.SMQH Trojan
Unlike previous versions of the Zeus Trojan, the TSPY_ZBOT.SMQH Trojan uses UDP to download its configuration file, rather than simply HTTP. The TSPY_ZBOT.SMQH Trojan made news because of a spam email attack that was part of a phishing scam. Criminals sent out the TSPY_ZBOT.SMQH Trojan embedded in an email that was allegedly issued by the Australian Internal Revenue office. These attacks took place in the last weeks of September of 2011. Like the Zeus Trojan, the TSPY_ZBOT.SMQH Trojan is closely linked to the BlackHole Exploit Pack, a collection of exploits for the most common operating systems and applications. Hackers can use these exploits to deliver the TSPY_ZBOT.SMQH Trojan or other Zeus Trojan variants.
The TSPY_ZBOT.SMQH Trojan’s Availability
One of the most dangerous aspects of variants of the Zeus Trojan (such as the TSPY_ZBOT.SMQH Trojan) is that the Zeus Trojan and the BlackHole Exploit Pack became available on underground torrent websites in 2011. This is why PC security analysts can expect several variants of the Zeus Trojan to start appearing. While a large number of "script kiddies", or inexperienced hackers with only basic knowledge, will download and use the extremely user-friendly Zeus Trojan, many criminals with far more experience will also get a chance to adapt and change this dangerous malware threat. This means that PC security researchers all over the world will have their work cut out for them in the months that follow. The Zeus Trojan and its variants are well known for being very easy to use and to unleash on a victim. While previously only hackers with large amounts of money and resources could afford dangerous malware like the Zeus Trojan, now any hacker can download it and tweak it to their liking. The results can be seen in dangerous malware like the TSPY_ZBOT.SMQH Trojan. ESG PC security researchers recommend being extremely wary of phishing scams and staying informed about the most recent spam email practices.
SpyHunter Detects & Removes TSPY_ZBOT.SMQH
File System Details
| # | File Name | MD5 | Detections |
|---|---|---|---|
| 1. | file.exe | f7742c9a69790ead1552faf5171c1e90 | 0 |
| 2. | file.exe | a5b4b95bfe10aa40abab7a3e0a17eab1 | 0 |
| 3. | file.exe | bc580fb702455f3c40fce5a142171d3f | 0 |
| 4. | file.exe | d15467e6bec5b7c7c8625773c7abe928 | 0 |
| 5. | file.exe | fb7ac5ee4d90edd9b4f3c0cdab57a071 | 0 |

Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.