New ZBot trojan detected in UPS tracking emails

Email messages coming from UPS with the subject “Postal Tracking #FDD4Q22514LDU4N” and the attached file UPS_DOC_986001.zip are part of a new malware distribution by email. MX Lab intercepted the first samples of a new variant that is only detected by 5 of the 40 AV engines of Virus Total.
The body of the email:
Hello!
We were not [...]

May 27, 2009
Categories: Viruses . Tags: , , , , . Author: mxlab . Comments: 1 Comment

New Western Union MTCN trojan

MX Lab intercepted a new ZBot trojan today that is being distributed in the famous “Western Union MTCN” format. The message subject is “Western Union Transfer MTCN: 5815328212″. The attached file is a compresses zip archive WesternUnion_SPL90710021.zip containing the malware WesternUnion_SPL90710021.exe. Please note that the numbers in the subject line and/or attachment and executable can [...]

May 26, 2009
Categories: Viruses . Tags: , , , , , . Author: mxlab . Comments: Leave a Comment

New version of the Zbot-I trojan

A message with the subject line “Fwd: Look and tell…” that has been intercepted by the zero hour anti virus at MX Lab caught our attention. When submitting the details to Virus Total, only 14 of the 40 AV engines did detect this one. The email has the ZIP file attached named Info04.zip and when [...]

May 17, 2009
Categories: Viruses . Tags: , , , , . Author: mxlab . Comments: Leave a Comment