We just received notice of an evolving version of the Zeus malware. For the full article click here.
Excerpt from Comodo:
An evolved version of the Zberp Trojan has recently been used to target business’ financial data through low-volume email campaigns. It disguises a Windows ‘PIF’ (Program Information Files) file extension as a PDF. Once the link to the file is clicked, the PIF can access information including names, IP, data in HTTP form, and FTP/POP accounts.
Zeus variants that use Windows extensions to steal user data have been discovered in malicious email campaigns.
Security researchers at Websense Security Labs have identified Zeus strains that implement information-stealing procedures that appear to be an evolution of the coding used in previous Zeus variants. The emerging variants, tracked over several months, are being used in new low-volume email campaigns that target users’ financial data. The Zeus variants in the campaign appear to also be using droppers that employ the hidden Windows “PIF” (Program Information Files) file extension — an extension the researchers say was often associated with viruses in the past and appears to be making a comeback.
For the full article click here.