1 min read

Fake FDIC bank deposit insurance coverage notification leading to ZBot

Răzvan LIVINTZ

October 27, 2009

Fake FDIC bank deposit insurance coverage notification leading to ZBot

This week’s malware distribution campaign, relying on a
medium size spam wave, features the abusive use of the governmental independent
agency name and identification elements to swindle the recession-panicked
account owners into downloading and endangering their computers.

FDIC

The unsolicited message informs the assumed holders of an FDIC-insured
bank account that the agency has declared the bankruptcy of the supposed
financial institution where their accounts were opened. The message also asks
the recipients to check the status of their deposit insurance coverage, by
following an alleged customized link towards the Federal Deposit Insurance
Corporation Web site.

FDIC

The link does not lead to the agency portal, but to a Web
page (registered on a .uk domain) that mimics a personal insurance
on-line account, employing several visual identification components of the
original FDIC Web site (namely the logo and the general formatting elements).

The page also provides a purported PDF and Word document
that the user should download and fill in. However, upon downloading the fake
files, the user does not receive the insurance e-form, but two executables
carrying a malicious payload, currently detected by BitDefender as
Trojan.Zbot.DLO, which is, in effect, another version of the infamous ZBot.

This long-lasting Trojan is still very prolific, as proven
by the last weeks’ malware dissemination campaigns that exploited
IRS’ identity
. This breed also has rootkit components that facilitate its
hidden installation onto the compromised machines, either in the Windows or
Program Files directory. ZBot injects code into several processes and adds
exceptions to the Microsoft

tags


Author



Right now

Top posts

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read
The Top Five Security Risks Smartphone Users Face Today

The Top Five Security Risks Smartphone Users Face Today

July 02, 2021

4 min read
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

July 02, 2021

3 min read
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

June 30, 2021

2 min read
Mobile security threats: reality or myth?

Mobile security threats: reality or myth?

June 13, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

How to keep your Android device immune to malicious vaccine themed apps How to keep your Android device immune to malicious vaccine themed apps
Cristina POPOV

April 22, 2021

2 min read
Facebook Takes Down Two Hacking Groups Operating out of Palestine Facebook Takes Down Two Hacking Groups Operating out of Palestine
Silviu STAHIE

April 22, 2021

2 min read
Ransomware attack causes supermarket cheese shortage in the Netherlands Ransomware attack causes supermarket cheese shortage in the Netherlands
Graham CLULEY

April 13, 2021

2 min read