The Zeus botnet strikes again

The Zeus botnet is hitting inboxes worldwide this week. Capitalizing on the public concern over the flu and the recent swine flu outbreak, a spate of malicious emails have been distributed with subject lines such as “Governmental registration program on the H1N1 virus”.

Messages are enticing recipients to visit a webpage proudly displaying the Center for Disease Control logo, from which they can download their “H1N1 Vaccine Profile Archive.’ The “archive’ is, in reality, the installer program for the Zeus bot, which will place a keylogger on your machine and try to steal your personal data.

Jamie Tomasello, Cloudmark’s Abuse Operations Manager comments: “Most anti-virus vendors have signature updates that will mark this installer as malware, so one way to protect yourself is to make sure that your A/V software is up to date. All of the fake CDC URLs we visited were detected as forgeries by the newest versions of Firefox, as well.”




Share this