Zeus Trojan Arrives via Spoofed Chamber of Commerce E-mails
Business owners may fall victim to recent e-mails that appear to come from the United States Chamber of Commerce but carry file attachments containing the notorious Zeus Trojan, which steals bank account numbers, Softpedia reported on October 6, 2011.
As is common with most phishing e-mails, the new messages carry the Chamber's logo. The logo sits inside a solid banner, and a footer gives information about the Chamber, such as its address.
The e-mail tells recipients (business owners) that they can build a mutually beneficial professional partnership with the Chamber, and that all the relevant information is provided in the attachment, "USChamber[dot]zip."
The attachment, however, first and foremost contains a malicious component that creates a backdoor, giving the attacker access to the victim's computer. It then attempts to download further, more hostile malware.
Moreover, once Zeus becomes active, it creates a process called miuf[dot]exe, which then installs a keylogger and sends intermittent pings to various domains, from which it receives additional commands. The malicious program also sends UDP packets to announce its presence to other components.
The UDP packets go to a number of distinct IP addresses. Each carries 72 bytes of data and originates from an arbitrary local port, with a destination port that is unique to the recipient IP address. The idea is probably to announce its presence to other components of the botnet, which now includes the victim's computer as well.
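The UDP behaviour described above can be turned into a simple flow-log check. The following is an added example, not code from the article or from Softpedia: it flags internal hosts that send 72-byte UDP payloads to many distinct addresses, each on a port of its own. The flow-record fields, both thresholds and all sample addresses are assumptions constructed for illustration.

```python
from collections import defaultdict

PAYLOAD_LEN = 72       # UDP payload size reported in the article
MIN_PEERS = 5          # assumed threshold: distinct destinations before alerting
MIN_PORT_RATIO = 0.8   # assumed: share of peers that must have their own port

def find_beaconing_hosts(flows, min_peers=MIN_PEERS, min_ratio=MIN_PORT_RATIO):
    """Return {src_ip: peer_count} for hosts whose 72-byte UDP traffic fans
    out to many peers, each contacted on a port of its own."""
    ports = defaultdict(lambda: defaultdict(set))   # src -> dst -> {dport}
    for f in flows:
        if f["proto"] == "udp" and f["payload_len"] == PAYLOAD_LEN:
            ports[f["src"]][f["dst"]].add(f["dport"])
    hits = {}
    for src, peers in ports.items():
        if len(peers) < min_peers:
            continue                      # too few destinations to call fan-out
        if any(len(p) != 1 for p in peers.values()):
            continue                      # a peer was reached on several ports
        distinct = {next(iter(p)) for p in peers.values()}
        if len(distinct) / len(peers) >= min_ratio:
            hits[src] = len(peers)        # ports differ from peer to peer
    return hits

def _flow(src, dst, dport, size, proto="udp"):
    return {"proto": proto, "src": src, "dst": dst,
            "dport": dport, "payload_len": size}

# Constructed sample flows (documentation address ranges, not real indicators).
SAMPLE_FLOWS = (
    # Matches the pattern: six peers, 72 bytes each, a different port per peer.
    [_flow("10.0.0.5", f"198.51.100.{i}", 20000 + 137 * i, 72) for i in range(1, 7)]
    # Same size and fan-out, but one shared service port: not flagged.
    + [_flow("10.0.0.7", f"203.0.113.{i}", 123, 72) for i in range(1, 7)]
    # Ordinary resolver traffic that happens to include one 72-byte query.
    + [_flow("10.0.0.9", "192.0.2.53", 53, n) for n in (40, 72, 55)]
)

if __name__ == "__main__":
    for host, peers in find_beaconing_hosts(SAMPLE_FLOWS).items():
        print(f"{host}: 72-byte UDP to {peers} peers, one port per peer")
```

A match is a lead for host triage rather than proof of infection, since the payload size and port pattern are the only features the article reports.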
Fortunately, the Trojan is detectable. First and foremost, an e-mail arriving from a state organization will probably never contain a brief, confused message written in an enormous font, as in this case. Moreover, agencies are already aware of the numerous hacks that exploit their reputation so that attackers can gain their victims' trust; it is therefore extremely unlikely that an authentic institution would send end-users e-mails with zipped attachments.
Security researchers say it is better to risk missing an e-mail from an authentic source than to receive Trojan-laden messages that will actually steal people's bank balances.
» SPAMfighter News - 15-10-2011