Advertisment

New wave of Zeus malicious email messages

author-image
CIOL Bureau
Updated On
New Update

BANGALORE, INDIA: Websense Security Labs reported witnessing a new wave of Zeus malicious email messages.

Advertisment

It may be recalled here that the campaign is related to the familiar "pharma" spam messages. The campaign combines an HTML or ZIP attachment with a social engineering technique.

Carl Leonard, senior manager, Websense Security Labs said “This is a great example of a blended threat that covers all attack angles —web, email and file based, which steals your data to boot.

Also read: Tools that can help protect data at End Points

Advertisment

In this campaign, a mail recipient may get a message to say $375 has been sent to a their account, and include a link to view the transaction. Opening the attachment results in a compromised user machine via an obfuscated JavaScript in the attached HTML file. For email messages that have ZIP attachments, the "label.zip" file contains "label.exe" which is a copy of Zeus — a banking Trojan. The malware copies itself to the C drive and tries to access two sites.

Websence Labs has reported recording more than 100,000 email similar messages and the number is stated to be growing.





tech-news