Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in you inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
Go

Trend Micro Detects Spam Mails Distributing Zeus

According to Trend Micro the security company, fresh spam mails in bulk are hitting the inboxes of business users while trying for contaminating their systems with Zeus, the infamous Trojan that steals banking information.

Reportedly, the e-mails pose as messages from National Automated Clearing House Association (NACHA), the Electronic Payments Association, which is the institution for control catering to the network of ACH the Automated Clearing House.

Here, it deserves mention that ACH systems are those that organizations typically utilize, including government agencies that process several debit and credit transactions at the same time.

Moreover, the e-mails display captions such as "ACH Transfer rejected," "ACH transaction cancelled," "ACH Transfer cancelled," "Your ACH transaction" and so on.

Also, their text, like always, informs the recipient that the Electronic Payments Association has rejected the ACH transaction that was lately conducted through his bank account and whose details he can see by clicking a web-link provided.

But the web-link leads the users onto a site that thrusts a rogue Java update, which's really the notorious Zeus variant.

Says Director of Research in Computer Forensics Gary Warner at the UAB (University of Alabama) in Birmingham (Alabama, USA), the most interesting aspect of the current spam run is really the numerous domains it utilizes for carrying out the exploitation. Garwarner.blogspot.com published this on February 25, 2011.

Remarking about the above spam campaign, Garner added that it appeared like each computer, which dispatched the junk e-mails had been distinctly hijacked only to distribute spam mails. From the total 9,610 IP addresses, merely 2 had been observed earlier dispatching junk e-mails to the Spam Data Mine of UAB. On February 18 and 19, 2011, the 196.22.14.4 IP address sent 2 Viagra ads, while on February 8 and 9, 2011, the 112.135.85.114 IP address sent 7 Viagra ads in all. The remaining 9,608 IP addresses hadn't dispatched any spam, to say the minimum during January 2011. That really sounded infeasible to happen, Warner concluded.

Ultimately, it can be said that Trend Micro's forecast about online-crooks concentrating on malware attacks, which distribute malicious software through cleverly crafted electronic mails, is turning out true.

Related article: Trend Micro Detects Spam Mail Declaring World War III

» SPAMfighter News - 11-03-2011

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next