English Deutsch Español Français Italiano Portuguese Čeština Ελληνικά 中文(简体) 中文 (繁體) Tiếng Việt 日本語 ภาษาไทย Русский Български Nederlands Polski Svenska Norsk Dansk Suomi

McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams

SPAMfighter is

Microsoft Gold Certified Partner

SPAMfighter also

Works with Windows Vista

SPAMfighter Exchange Module is Microsoft certified ".net connected".

Microsoft .NET Connected

Bogus Microsoft Outlook Reconfiguration E-mails Install Zbot’s New Variant

According to some security researchers, a new edition of Zbot is utilizing a spam campaign which talks about Microsoft Outlook configuration for propagation, as reported by SOFTPEDIA on June 19, 2009.

Security researchers have claimed that criminals behind this campaign have extended their lists of potential victims by including TheBat! users.

In the starting of June 2009, cyber criminals who developed the notorious Zbot malware decided to change the theme of their campaigns. They sent spam e-mails falsely talking about the reconfiguration of Outlook Express or Microsoft Outlook.

One of the campaigns included directing the e-mail recipient to a phony web page where he was asked to feed in his configuration information including username and password. In another campaign, malware distributors attached a .zip file with the e-mail that asked the recipient to open the file for reconfiguration of Microsoft Outlook. In reality, the .zip file contained a Zbot installer.

Sophos has given name to this file - "Troj/Bckdr-QVN" and has asserted that all the URLs related to this campaign have been totally removed from the Internet. However, it has expressed doubt that they may reemerge in future as attackers' have the potential to establish separate hosts to propagate malicious files.

Alex Eckelberry, Chief Executive Officer, Sunbelt Software, said that these attacks were modified to include clients of TheBat!, as reported by SUNBELT Blog on June 11, 2009.

Eckelberry also added that malware distributors had expanded their target base, but the bot seemed to get confused, meddling in TheBat! with Outlook Express and Outlook.

Vanja Svajcer, Principal Virus Researcher, Sophos, said that the new malicious campaign made its mark on the Internet on June 16, 2009 with the sole purpose of spreading links to malicious file, as reported by SOFTPEDIA on June 19, 2009. Although several URLs seem to be used for spreading malware, the file name remains same called Outlook_update.exe," said Svajce.

After studying the file in automated analysis environment, Svajcer concluded that it was a new variant of Zbot.

This indicates to cyber crooks' consistent efforts of searching innovative, sophisticated and advanced tricks of installing malicious programs on users' computers or handing over their sensitive financial and personal information.

» SPAMfighter News - 26-06-2009

SPAMfighter box shot

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail and Thunderbird - Read more

Slow PC? Try SLOW-PCfighter

Optimize your Slow PC for better performance. Try FREE scan now.

 

Exchange spam filter

SPAMfighter Exchange Module is a spam/virus filter for Exchange server - Free 30 days trial

 

Spyware remover

Remove Spyware with SPYWAREfighter - Free 30 days trial

<<<>>>