BitDefender Uncovers FedEx(R) Spyware
[August 27, 2008]

(Marketwire Via Acquire Media NewsEdge) BUCHAREST, ROMANIA, August 27 / MARKET WIRE/ --

BitDefender researchers have identified
a new large spam wave featuring abusive use of the delivery company's name
to deceive users into downloading extremely dangerous malware.

The e-mail spam informs customers that FedEx(R) was not able to deliver a
specific package sent one month ago. The message also asks the recipients
to download and print the attached invoice in order to retrieve the
package. However, the attached archive does not hold the alleged invoice,
but an extremely dangerous piece of malware, known as Trojan.Spy.ZBot or one of its many variants,
such as Trojan.Spy.Wsnpoem.HA.

This malware was specially engineered to steal sensitive e-banking data.
Once it penetrates a system, it installs itself in the Windows\System32 directory,
where it creates the rootkit-hidden wsnpoem folder that it populates with
the encrypted ntos.exe, audio.dll and video.dll files (in effect, the two
so-called "DLLs" are used for configuration and storage purposes). It also
creates a registry entry that enables its automatic launch each time
Windows(R) starts up. To harvest the sensitive e-banking details, it
injects code into the winlogon.exe and iexplorer.exe processes and downloads
one or several files from a remote server. It employs these files to store
the data it gathers by monitoring the Web browser activity.
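
The file artifacts listed above can be looked for on a disk image mounted offline, where the rootkit that hides the folder on a running system is not active. The following Python check is an added example, not BitDefender's code; the mount layout (a Windows\System32 tree under the mount point), the function names and the three-way verdict are assumptions, and the sample tree it builds holds only empty placeholder files.

```python
import os
import tempfile

# Artifact names taken from the description above.
FOLDER = "wsnpoem"
FILES = ("ntos.exe", "audio.dll", "video.dll")

def _child_ci(parent, name):
    """Return the entry of `parent` matching `name` case-insensitively, or None."""
    try:
        for entry in os.listdir(parent):
            if entry.lower() == name.lower():
                return os.path.join(parent, entry)
    except OSError:
        pass  # unreadable or not a directory: treat as absent
    return None

def find_wsnpoem(image_root):
    """Check an offline-mounted Windows volume for the wsnpoem artifacts.

    Returns {"folder": path or None, "files": {name: bool}}.
    """
    path = image_root
    # Windows paths are case-insensitive; a Linux mount of the image is not.
    for part in ("Windows", "System32", FOLDER):
        path = _child_ci(path, part) if path else None
    found = {name: bool(path and _child_ci(path, name)) for name in FILES}
    return {"folder": path, "files": found}

def verdict(result):
    """'clean' = no folder, 'match' = folder plus all files, else 'partial'."""
    if result["folder"] is None:
        return "clean"
    return "match" if all(result["files"].values()) else "partial"

def build_sample(root, files, sysdir=("WINDOWS", "system32")):
    """Constructed fixture: empty placeholder files, no malware content."""
    folder = os.path.join(root, *sysdir, FOLDER)
    os.makedirs(folder)
    for name in files:
        open(os.path.join(folder, name), "wb").close()
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp, FILES)
        r = find_wsnpoem(tmp)
        print(verdict(r), r["folder"])
```

A "partial" result still warrants follow-up, since the folder name alone is one of the artifacts described.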

"ZBot and its family have an increased damage potential, as they are able
to deactivate the firewall, steal sensitive financial data such as credit
card and account numbers, as well as login details, make screen shots and
create logs of current working sessions," said Sorin Dudea, Head of
BitDefender Antimalware Research. "In addition, it is capable of
downloading supplemental components and providing a remote e-criminal with
the means to access the compromised system. Hence, we strongly recommend
you not to open these e-mails and their attachments and to install and
activate a reliable antimalware, firewall and spam filter solution."

About BitDefender(R)

BitDefender is the creator of one of the industry's fastest and most
effective lines of internationally certified security software. Since our inception in 2001,
BitDefender has continued to raise the bar and set new standards in
proactive threat prevention. Every day, BitDefender protects tens of
millions of home and corporate users across the globe -- giving them the
peace of mind of knowing that their digital experiences will be secure.
BitDefender solutions are distributed by a global network of value-added
distribution and reseller partners in more than 100 countries worldwide.
More information is available on our security solutions site.

Copyright (c) 2008 Marketwire
