New Wave of Infected Spam Emails Detected
Security researchers at MX Lab warn of a new wave of spam emails with different content and subjects. These e-mails distribute a malicious payload new Zbot variant in the attachments.
The rogue emails contain subject lines such as "EBOD Meeting MEC Update", "Summary of payments", "Another candidate brought to you", "Fw: New Taxes Coming" or "Sales Dept." It seems that they are targeted at the business users.
One of the messages, which seemed credible, even misused IBM's name to trick the recipients into opening the malicious attachment and execute the malware.
The e-mail message reads - I am Charles Brand working at the post of Technical Team Lead with IBM with more than 10 years of mainframe development experience. I believe that my skills will meet the requirements. Please see the Resume as a word attachment. I am available at 404-353-5442 for a discussion. By the way, I am in EST time zone, as reported by softpedia dated on August 14, 2010.
Moreover, MX Lab intercepted three other spam emails with attachments which read - Have fun....email with questions and have a happy and safe weekend... still require more letters... do it! In Unity! Chauncey Pennington.
The emails further read - the attached two files showing the amounts paid this past year. These files are in form of Lotus 1-2-3, but these can be opened in the Open Office spread sheet and Excel sheet. I have attached a part of that document at the bottom so that you can get its print out for your friends.
MX Lab experts have analyzed the above messages and highlighted that the attached zip files too have different names such as "2010 Financing.123.zip", "2010 MEC Update.zip", "six_months.zip" or "resume.zip."
Security researchers at MX Lab have noted that at the time of writing, only 4 of the 42 AV (antivirus) engines at VirusTotal detected the threat. This indicates that the malicious payload which is a new variant of Zbot has a very low detection rate and it is increasing with the growth in the malicious spam campaign.
As a result, the security experts suggest netizens to install good quality internet security software to avoid e-mail from entering the inboxes.
Related article: New Zealand Releases Code To Reduce Spam
» SPAMfighter News - 20-08-2010