Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    September 2015
    S M T W T F S
    « Aug    
  • Email Subscription

  • About Us

    Spammers are becoming bolder, targeting even government agencies such as the National Intelligence Council (NIC) to further their malicious causes.

    Trend Micro fraud analysts were recently alerted to the discovery of spammed messages that purported to come from the NIC—the Intelligence Community (IC)’s center for midterm and long-term strategic thinking. The NIC provides intelligence reports to members of the IC, including the National Security Agency (NSA).

    Independent security journalist Brian Krebs in his blog confirmed that these messages were spoofed due to several obvious reasons, including:

    • The email address used in the spammed messages was
    • Another version purported to come from Extracting the header information, however, revealed that the real sender’s email address was {BLOCKED}
    • The spam run also specifically targeted email addresses with .gov and .mil domain names.

    The spammed messages persuaded recipients to download the .EXE file attachment, a spoofed version of the NIC’s 2020 Project.” In reality, however, the file is a ZBOT variant detected as TROJ_ZBOT.SVR.

    Like its well-known predecessors, this ZBOT variant is also an information stealer, as evidenced by the following published reports:

    Trend Micro product users need not worry, however, as Smart Protection Network™ protects them from this threat by preventing the spammed messages from even getting into their inboxes via the email reputation service and by detecting and blocking the download of the malicious .EXE file via the file reputation service.

    Non-Trend Micro product users can also stay protected via HouseCall, a free tool that identifies and removes all kinds of viruses, Trojans, worms, unwanted browser plug-ins, and other malware from affected systems.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice