Tax Spam Disseminating Zeus

Researchers from 'Solera Networks' a security company warn that a tax spam is circulating across the Internet for disseminating the notorious Trojan named Zeus.

They reveal through their collected details that it was October 15, 2010 when for the first time they found the Zeus laced spam mails that counted to huge numbers and displayed the caption, "LAST NOTICE: Your Federal Tax Payment has been rejected in the system."

Speaking more about the most recent spam scam, Joe Levy CTO of Solera Networks stated that the e-mails carried a web-link apparently connecting to the Electronic Federal Tax Payment System (EFTPS) site. But, once clicked, it (the link) diverted users many times onto different malware websites that downloaded payloads on their computers as per suitability to their environment. Eventually, the payload that infected victims was Zeus v2, Levy outlined. EWeek.com published Levy's statement on October 15, 2010.

Furthermore, the CTO said that the attack, which emerged in dual surges, originated out of domains registered inside Russia. Already, 8-9 domains had been blacklisted. Besides, during the 2nd surge that struck on October 15, 2010, the language was altered as also typing errors, fixed. The domain name chosen was currently .com instead of .ru, Levy reported. Dark Reading published this on October 15, 2010.

The security company as well outlined that what surprised them was the sheer amount of the junk e-mails that once was responsible for 20% of all spam as well as the attack's layered technique.

Worryingly according to Solera Networks, even if computer users maintained up-to-date definitions and anti-virus programs on their systems, still they were vulnerable to the latest Zeus assault. That's because the criminals often altered the code which helped in avoiding detection.

Eventually, the most recent spam campaign that the security company unearthed as well indicates that with the advancement of technology, writers of malware such as Trojan Zeus are becoming increasingly refined in their assaults. Additionally, as per the company, the above kind of infections will definitely become more widespread, hence Web-surfers when online must exercise great caution so that such malevolent assaults can be thwarted.

Related article: TCU Graduate Seeks Professional Help to Invade University Network

» SPAMfighter News - 10/29/2010