It’s almost no surprise that the world’s most popular bank information stealing trojan is back for 2014, and now it’s using a few new tricks.
The new attack emails use something call I like to call a Stactic (scare tactic), and are coming from what appears to be large law firms throughout the country. The email intends to confuse the reader by calling for an appearance in court as a defendant in a pirated software case. Example:
The new Zbot attack issues this “error” message:
After a successful installation, Zbot begins monitoring computer behavior for visits to financial institutions. If the malware detects a bank, credit union, or other viable target, it will then monitor keystrokes and take screen shots in order to capture the relevant credentials.
As always, you should not open an email if you are unfamiliar with the sender or if it looks suspicious in any way. If you notice something suspicious, you should delete the message, mark it as spam, or consult with someone in tech support. In this case, you can be sure that if you are really being called in to court, you will receive more than an email.
Barracuda Real Time Protection System protects against these emails and the malware destination/control servers.
Barracuda Spam & Virus Firewall