
New Banking Malware Targets Germans - Microsoft

Itworld.com reported on 6th January, 2015, quoting Microsoft as saying, "Germans are being targeted by a new variant of an influential kind of malware which steals credentials of online banking."

Security vendors first spotted the malware, known as Emotet, around June 2014. According to a Trend Micro write-up from last year, it is notable because it can sniff out details sent over encrypted HTTPS connections by tapping into eight network APIs.

Itworld.com published a report on 6th January, 2015, quoting a write-up by HeungSoo Kang, a security researcher at the Microsoft Malware Protection Center, as saying, "Microsoft has been watching a new variant called Trojan:Win32/Emotet.C which was distributed as part of a spam drive that peaked in November (2014) targeting mostly Germans."

Emotet is distributed via spam messages containing either a link to a website hosting the malicious software or what appears to be a PDF document icon but is actually the malware.

The unsolicited messages try to attract the attention of potential victims by posing as a phone bill, an invoice from a banking institution, or a message from PayPal.

It is difficult for email servers to filter out Emotet spam because the spamming component uses compromised email accounts to send the malicious links. Emotet's spam module (identified as Spammer:Win32/Cetsiol.A) logs into email services using the stolen account names and passwords to send junk email. This means conventional anti-spam techniques such as callback verification do not apply, because the email is sent from a genuine, vetted email address.

Unlike Internet Explorer, most file archive programs do not warn users when they execute an archived file that has been downloaded from the web. In this case, the Emotet binaries are delivered in a .ZIP file, and the default installed archive software, such as WinRAR, Windows Explorer or WinZip, will open the file.
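Because the archive tool gives the user no warning, a mail gateway or triage script can inspect ZIP attachments itself. The following is an added example, not code from Microsoft or the original article: it flags ZIP members that start with the Windows executable `MZ` header or carry an executable extension, whatever name or icon they present. The extension list, function names and sample archive are constructed for illustration.

```python
import io
import zipfile

# Extensions Windows will run directly (constructed, non-exhaustive list).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".cpl"}
MAX_MEMBERS = 1000  # refuse to walk absurdly large archives


def flag_zip_members(zip_bytes):
    """Return (member_name, reason) pairs for members that look executable."""
    findings = []
    try:
        archive = zipfile.ZipFile(io.BytesIO(zip_bytes))
    except zipfile.BadZipFile:
        return [("<archive>", "not a readable ZIP")]
    with archive:
        members = archive.infolist()
        if len(members) > MAX_MEMBERS:
            return [("<archive>", "too many members")]
        for info in members:
            if info.is_dir():
                continue
            if info.flag_bits & 0x1:  # encrypted: content cannot be checked
                findings.append((info.filename, "encrypted member, cannot inspect"))
                continue
            with archive.open(info) as member:
                magic = member.read(2)  # first two bytes of the file content
            name = info.filename.lower()
            ext = name[name.rfind("."):] if "." in name else ""
            if magic == b"MZ":  # DOS/PE header, regardless of the file name
                findings.append((info.filename, "PE/MZ header"))
            elif ext in EXECUTABLE_EXTS:
                findings.append((info.filename, "executable extension"))
    return findings


def build_sample():
    """Constructed sample archive: two MZ-prefixed members and one text file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("Rechnung_2014_11_pdf.exe", b"MZ" + b"\x00" * 62)
        z.writestr("readme.txt", b"plain text")
        z.writestr("invoice.pdf", b"MZ\x90\x00 disguised")
    return buf.getvalue()


if __name__ == "__main__":
    for name, reason in flag_zip_members(build_sample()):
        print(f"{name}: {reason}")
```

Checking the content header as well as the extension catches a binary that has been renamed to look like a document.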

While running, Trojan:Win32/Emotet.C monitors network activity in order to steal online banking details. It sends the stolen data back to its command and control (C&C) server, where it is used by other components to distribute the threat through spam emails.

The software giant concluded that you should install the latest version of anti-virus software on your system to minimize the risk of infection from this malware.

» SPAMfighter News - 1/14/2015
