Wednesday, July 8, 2009

New Malware Attack on Outlook and Outlook Express

SC Magazine recently reported on a new malware attack masquerading as a critical update for Microsoft Outlook or Outlook Express.

The malware delivers a trojan called “ZBot,” which is a program that steals your login information (user name and password).

SC Magazine says the message a user will receive is: “This update is critical and provides you with the latest version of Microsoft Outlook/Outlook Express and offers the highest levels of stability and security.” The user will be directed to go to the Microsoft Update Center -- BUT the link provided doesn’t take you there!!

If the link in the email is used, a trojan named “ZBot” or “Zeus” will be downloaded. Within the instructions of the malware is a list of websites for the trojan to monitor, such as Facebook, MySpace, Flickr, Bank of America, and Wachovia. If a user visits one of these sites, the trojan will log a user’s keystrokes to obtain login credentials (user name and password), along with credit card or other sensitive information. It saves the information and then sends the file back to the attacker's server.

No comments:

Post a Comment