Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Revamp of ZBot Trojan Reveals MX Lab

In a latest intervention, a new Trojan campaign spoofing the address "Federal Deposit Insurance Company (FDIC)" was revealed by MXLab.

MX Lab unmasked the catchy message that started the subject line, "FDIC: About your business account V3NV-9435223". Further, it informed the recipient of holding all bank-related knowledge of the recipient. For reference of the same, a file had been attached with this information. The attached reference included details on the acquiring bank, ways in which the accounts and loans are affected, and the ways by which vendors can file claims against the receivership.

The security experts confirmed the scammed e-mail attachment to contain a well known Trojan, ZBot. The zipped file bears the name FDIC_Information_About-your-business-account-07193.zip and holds the 205 kB large file FDIC - Important Information About your business account.exe.

Experts while commenting further on the spoof, claimed the Trojan to be similar to the one that appeared in the same month (December 2011) in the spoofy e-mails demanding over 7000 stocks to select from on the US exchanges.

Once more, MX Lab reported about the scammed e-mail with the subject "How To Beat The S&P500 By 5,420 pc Or MORE?, Wednesday, 7 Dec 2011 15:26:29 +0100, MAAIGNCPV5".

The message revealed from the content exclaimed the presence of over 7000 stocks to choose from on just the US exchange alone. At the same time, it also highlighted the chances of about 97% risk related to the stocks. However, of recent, one of the most respected trading experts of the community found a way out of these risk stocks, by which poison stocks are immediately sieved from the stock making them more potential for profit. At least the top 3% will likely offer the most profit potential of the trade.

This email also included the attached Zip file bearing the name
97_percents_poison_stocks_overview_report-19560.zip and contains the 200 kB large file.

Both the subject line, used by the scammer in the spoofy e-mail looks more or less similar. Only the subjects appeared with a date stamp and a randomly generated letter and number combination.

However, experts at MX Labs recommend netizens to remain vigilant while receiving e-mail with attachment files for Trojan or malicious spam.

Related article: Revamp of Kelihos Botnet

ยป SPAMfighter News - 12/17/2011

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page