Zbot Trojans Spread Through New Spam Campaign

Security researchers at Trend Micro have found another malicious e-mail attack that is spreading Trojan Zbot by stating that they contain the recipients' photographs.

Displaying subjects like "some jerk has posted your photos" and "your photos," the e-mail tells the recipient that some person has placed his pictures on a website and e-mailed the corresponding link to all his buddies.

The purpose is to convince the recipient that the individual sending the e-mail is playing the "good Samaritan" by informing about the alleged photos posting. However, the URL leads to a site, which disseminates a malicious program detected by Trend Micro as TSPY_ZBOT.CJA.

Commenting on the Zbot malware, Internet security specialists state that the Trojan downloads security configurations and plants harmful programs on the infected PC. In fact, Zbot creates an enormous security flaw by which numerous harmful spyware and adware could be fed into the user's system.

Moreover, the Internet Security Business Unit of Computer Associates (another security company) reported the same spam attack and identified the malicious program as Win32/Zbot.

The security company states that if a person clicks on the web-link given in the e-mail, he would be taken to a malevolent website that insists the user to download a "PhotoArchive." PhotoArchive is a malicious installer that leads to a file -"PhotoArchive.exe" - a Trojan that steals passwords. If this file runs, it plants and runs its own copy as sdra64.exe inside the Windows System directory.

Thus, the security specialists suggest that users must keep watch on such types of e-mails and avoid viewing any unless they are sure of its content, no matter if its sender is an associate or friend. Further, they must use dependable and up-to-date software for blocking viruses. Students should choose an antivirus program, which is equipped with resident software for monitoring the program's activity while the computer is in use.

During the 3rd week of November 2009, authorities at the Manchester Police Central e-Crime Unit and Greater Manchester Police arrested a couple as it maliciously used Zbot.

Related article: ZBot Trojan Proliferating Inside Facebook: Trend Micro

» SPAMfighter News - 12/7/2009

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Press Releases - IT Security News

Go back to previous page
Next
-->

Products

SPAMfighter
SLOW-PCfighter
FULL-DISKfighter
DRIVERfighter
VIRUSfighter
SPYWAREfighter
Anti spam / Anti virus business solutions

About

Company
Contact us
Press room
Support
Blog
Sign up for newsletters

Partnerships

Become a partner
Become a reseller
Find a reseller
Become an affiliate
White Label Software

Social media

Facebook
Twitter
Youtube
LinkedIn
© SPAMfighter 2003-2025    All rights reserved.    Privacy Statement    Sitemap