Malware Campaign Attacks Companies Posting Job Ads
According to a security advisory from IC3 (Internet Crime Complaint Center), a combined initiative of the Federal Bureau of Investigation and National While Collar Crime Center, a malware scam, which aims at companies publishing help-wanted advertisements on the Internet, is presenting circulating online. Theregister.co.uk reported this on January 20, 2011.
The IC3, while highlighting the attack's severity, cites one case that the FBI probed, wherein an organization, which the cyber-criminals attacked, was left with a loss of $150,000.
Actually, the organization had published a job-offer on the Internet for which it got an e-mail response carrying a CV as an attachment.
But that attachment in reality had Trojan Bredolab, which's a malicious program, popular for involvement in pay-per-install programs.
The Trojan was utilized like a base for distributing Zeus, that's notorious and sophisticated for stealing bank data. Zeus, also a Trojan, was employed for capturing massive sums of money from both companies and individuals.
States FBI, the scammers utilized Zeus for capturing the Internet banking details belonging to the person who was tasked with conducting the organization's financial transactions after which they utilized those details for accessing that organization's bank account. Softpedia.com published this on January 20, 2011. The scammers, subsequently, altered the account configurations for letting wire-transfers through which they transferred money to banks in USA and Ukraine, FBI adds.
Overall, according to FBI, small businesses and consumers can perform certain things in case they aren't sure of e-mail attachments. They can erase them followed with reverting to the persons who sent the attachments requesting to send ordinary text versions. While this is the safest, another option is to view the documents within Google's Gmail and observe whether it looks genuine. ComputerWorld.com reported this on January 19, 2011.
Sadly, it's because of the above kind of scams that there's been an increase in online malware scams. Moreover, the latest scam demonstrates that the Bredolab botnet continues to survive and work, albeit during October 2010, authorities in Holland declared that computer experts dismantled it, capturing and taking offline over 100 C&C servers. Some specialists think that Bredolab infected no less than 30m PCs.
Related article: Malware Authors Turn More Insidious
» SPAMfighter News - 29-01-2011