Spam Leads to ZeuS

Monday, April 22, 2013 @ 05:04 PM gHale


A new spam campaign is out that leverages the name of Australian telecom company TPG Telecom in an effort to distribute a variant of the ZeuS Trojan.

Bearing the subject “Restoration of Mobile Phone Deposit,” researchers at Kaspersky Labs found the faux email reads:

RELATED STORIES
Spam Campaign Hits Snapchat
Spam Not as Visible, but More Severe
Android Trojan Spreads through Botnet
3rd Party Apps a Bug Nightmare

“Dear Customer,

The balance of your Mobile Phone Deposit has dropped below $5.00, and we have initiated a debit of $16.95 to restore the balance to $20.00. Please refer to the attached report with detailed status of your account.

Thank you for using the TPG mobile phone service. Your customer ID is 5212306”

The file attached to these malicious emails appears to be a harmless document. However, in reality, it’s an executable identified by Kaspersky as Trojan-Spy.Win32.Zbot.jqye, a threat designed to steal sensitive information from infected computers.

It’s worth noting that Trojan-Spy.Win32.Zbot.jqye is one of the most famous ZeuS variants.

If you come across such emails, be sure to ignore them. If you’ve already opened the attachment, scan your system immediately with an updated antivirus solution.



Leave a Reply

You must be logged in to post a comment.