Unsolicited E-mails with Malicious Attachment Masquerade as Bitstamp Exchange Facilitator

Spam e-mails claiming to come from the renowned exchange facilitator Bitstamp notify Internet users that the digital currency dealer has modified information pertaining to their bank accounts, and an attached file supposedly provides further details.

A spoofed sender address, which makes the message look as if it was dispatched automatically by Bitstamp's alert service, together with a signature from Nejc Kodric, CEO of Bitstamp, is likely to make it very hard for users to recognize the fraud.

The additional effort put into crafting the text deters suspicion, which indicates skilled social engineering in the campaign.

And although the notification reports a bank account modification and adds an attachment for extra information, customers are still told that their original account remains in place and that transactions will be accepted through it.

To give the e-mail a legitimate appearance, the message even cites SEPA transfers, reminding the recipient that such transfers typically take 3 working days to complete.

The security company ThreatTrack intercepted a sample e-mail, examined it and found that its attached file served Upatre, a widely known Trojan installer. Upatre installed the banking Trojan 'Dyre' onto affected PCs. Dyre was first uncovered during June 2014. At that time, following the ZeuS takedown, security firms cautioned about a newly discovered method for evading the Web encryption called SSL (secure sockets layer).

Another security company that intercepted the spam is MX Labs.

Both ThreatTrack and MX Labs report that the attached file, a zipped archive, is named bankdetails.zip and that it carries a single 24kb file named details.scr.

Moreover, MX Labs notes that the Dyre Trojan is also called Troj.W32.Gen, which is a sample of Mal/Generic-S, HEUR/QVM20.1.Malware.Gen or Win32/Kryptik.COEK.

Disturbingly, just 4 of the 53 anti-virus engines on VirusTotal could spot the Trojan. MX Labs says it has caught a few more e-mails that do not contain the malicious .zip attachment, but warns that these too could be harmful.

As always, Internet users shouldn't open attachments in unsolicited e-mails. If they have already done so, they are advised to run a system scan using an up-to-date, recent edition of a high-quality AV program.
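A mail-gateway style check for the attachment pattern described above (a zip archive carrying a .scr file), as an added example that is not part of the original article. The function names, the extension list and the sample message are assumptions constructed for illustration.

```python
import io
import os
import zipfile
from email import message_from_bytes
from email.message import EmailMessage

# Extensions Windows runs directly; a .scr screensaver is an ordinary executable.
RISKY = {".scr", ".exe", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs"}


def risky_zip_members(raw_message):
    """Return (attachment, member, uncompressed size) for each directly
    executable file found inside a zip attachment of the message."""
    findings = []
    for part in message_from_bytes(raw_message).walk():
        filename = part.get_filename()
        payload = part.get_payload(decode=True) if filename else None
        # Decide by content, not by the declared name or MIME type.
        if not payload or not zipfile.is_zipfile(io.BytesIO(payload)):
            continue
        try:
            with zipfile.ZipFile(io.BytesIO(payload)) as archive:
                for info in archive.infolist():
                    # Windows ignores trailing dots and spaces in file names.
                    name = info.filename.lower().rstrip(". ")
                    if os.path.splitext(name)[1] in RISKY:
                        findings.append((filename, info.filename, info.file_size))
        except zipfile.BadZipFile:
            findings.append((filename, "<unreadable archive>", 0))
    return findings


def build_sample(member="details.scr"):
    """Constructed message: harmless bytes, file names as given in the article."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr(member, b"not a real executable")
    msg = EmailMessage()
    msg["Subject"] = "constructed sample"
    msg.set_content("See attachment.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="bankdetails.zip")
    return msg.as_bytes()


if __name__ == "__main__":
    print(risky_zip_members(build_sample()))
```

A check like this does not depend on AV signatures, which matters when few engines recognise the payload.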

» SPAMfighter News - 10-11-2014
