Similar Searches

Related News

Latest News

CIA website brought down – were Anonymous attackers responsible?

Dutch ISP KPN hacked, credentials and personal information leaked

Valentine’s Day Cyber Scams that Will Play with Your Heart

Strong Authentication by Itself is Not Enough to Prevent Man-in-the-Browser Attacks

How Criminals Capitalize On Our Digital Lives

Zeus Botnet Attacks via FedEx Scam

Yesterday we discovered a new Zeus campaign.
Most of the messages associated with the new spam campaign are linked to the Asprox botnet. This time, the focus is on FedEx. Most of the attachments start with either FedExDoc.exe or FedExInvoice.exe. Those attachments are recognized as the Bredolab Trojan, which will download the Zeus component.
This Zeus variant has a control host on hxxp://x5vsm5.ru, but also downloads from hxxp://trachsel.biz.
The targets of these samples are a large number of banks outside the United States. We still see common U.S. targets…

Citibank
Comerica
USBank
WellsFargo

and also some banks from Europe, the Middle East, Asia, and South America…

Neue Bank (Liechtenstein)
Arab Bank
MyBank (Taiwan)
BHI Bank (United Kingdom)
NPBS (United Kingdom)
Banco de Sabadell (Spain)

as well as several other banks.
Watch out for Zeus’ going global.

Source: McAfee Avert Labs

Write a Comment

Copyright © 2012 The Security Blog. All rights reserved.