Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    September 2014
    S M T W T F S
    « Aug    
     123456
    78910111213
    14151617181920
    21222324252627
    282930  
  • About Us


    ZeuS/ZBOT is best known for its information-stealing routines via the use of configuration files downloaded from their home sites. They are created using toolkits that allow remote control of the malware. Getting them to infect target systems is the tricky part. Cybercriminals have thus tried utilizing drive-by downloads, spammed messages, worm propagation, and many more ways. This time, they are trying out file infection.

    The malware detected by Trend Micro as PE_ZBOT.A injects code into target files and modifies its entry point to redirect to its code. This allows the malware to run its code whenever the infected file is executed. It then attempts to connect to the remote sites from which it downloads and executes malicious files that allow it to steal information from an affected system. The downloaded files are detected as TROJ_KRAP.SMDA and TSPY_ZBOT.SMAP. Once it completes its routine, it returns control of the affected system to its host file.

    This only shows that cybercriminals are continuously finding new ways to make sure they do not go out of business. The best way to protect one’s system is to be aware of the many techniques cybercriminals use and to keep security solutions and other pertinent applications patched and up-to-date.

    Trend Micro™ Smart Protection Network™ already protects product users from this threat by detecting and preventing PE_ZBOT.A and TROJ_KRAP.SMDA from executing on systems via the file reputation service. It also prevents user access to malicious URLs via the Web reputation service.




    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   del.icio.us   StumbleUpon






     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice