How Is The Zbot Trojan Spread Via Fake IRS Emails?

by Lee on December 31, 2009

in Malware

Every couple of years in the world of online crime there are certain viruses and trojans that become a popular way of spreading malware.

Hackers will see that a certain method is working for a rival group and they will reverse engineer that method.

After they reverse engineer the problem, they will then commence to use it for themselves.

Sometimes they do not even have to reverse engineer the problem.

The code may be available for a person to get, either through payment or for free.

zbot trojan spread via irs email

The Zbot / Zeus Trojan

One popular piece of code that is making the rounds, in the criminal circuit, is the Zbot or Zeus trojan.

The Zbot Trojan is becoming a huge threat especially during the holiday seasons.

The creators of the Trojan first send you an email that seems to come from the IRS.

It then request that you go to a web site so that you can fill out a “tax refund request form”.

Once you are at the site, your computer browser will seem like it is seeing a blank HTML page.

This page, while looking innocent, is actually doing something very damaging.

It is uploading the Zbot Trojan on your computer.

Once the Trojan is allowed to load onto your computer is then installs a malicious program that will either use your computer as part of a bot network or try to attempt to steal your personal information.

So far this technique has been used with only fake emails from the IRS.

IRS Fears

This is pretty effective because it plays on a lot of fears that people have when it comes to the IRS.

They do not want to miss any information that might come from them since they fear that they might get in trouble.

Also they provide an extra carrot on the stick by telling you that it involves a refund that you are due to receive.

This would make even the most cautious person at least think about clicking the link.

This is just a reminder that you must be careful, even if the email seems to be coming from a government organization.

All emails can be faked.

The IRS is aware of this form of attack and they have on their web site a warning for people about it.

This is another example of when it comes to very sensitive data, go directly to the web site.

Do not click links in the email that will take you there.

Related Posts

  • Microsoft Office Outlook Web Is Being Spoofed By Hackers
  • Beware Of The 4th Of July E-card Malware Scam
  • Can Snow Leopard’s Anti-Malware System Only Protect Mac Users From Two Trojans?
  • Trojan KillRDDL.A – The Hash N Slash Horror
  • What Exactly Is Malware?
  • Hackers Use The News Of Fake Celebrity Deaths To Their Own Advantage
  • Are You Prepared For World War III?
  • Malware That Changed The World – The I Love You Virus
  • Sony Ericsson Name Used In Fraudulent Emails
  • Wipeout! New Trojan (Trojan.KillFiles.904) Can Obliterate Your Computer

    • { 1 trackback }

    Microsoft Office Outlook Web Is Being Spoofed By Hackers
    January 21, 2010 at 9:02 pm

    { 0 comments… add one now }

    Leave a Comment

    Previous post:

    Next post: