Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    September 2015
    S M T W T F S
    « Aug    
  • Email Subscription

  • About Us

    TrendLabs senior advance threats researcher Ivan Macalintal found spammed messages claiming to come from the Internal Revenue Service (IRS). The email message warns recipients of either underreporting or not reporting their incomes in line with the tax season (April). It asks users to click the embedded link to correct the supposed errors.

    Click for larger view

    Once clicked, the URL leads users to download a ZBOT variant detected as TROJ_KRAP.SMDA. Like previously detected  ZBOT variants featured in the following entries, this malware also steals information from users’ systems then sends the stolen data to a remote user:

    TROJ_KRAP.SMDA also terminates security-related processes and disables Windows Firewall. For more information on the ZBOT malware and the infamous ZeuS botnet, please refer to Trend Micro’s recently published research paper, “Zeus: A Persistent Criminal Enterprise.”

    Trend Micro™ Smart Protection Network™ protects product users from this threat by preventing the spammed messages from even reaching users’ inboxes via the email reputation service. It also blocks access to the malicious sites via the Web reputation service and stops the download and execution of the malicious files via the file reputation service.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice