08.01.13

New ZeroDay: Zbot variant spreads like fire

If you receive an e-mail supposedly from the ‘Bank of America’, with an alleged expenses report attached, make sure you do not open it. Delete it at once.

The subject line of the e-mail presents it as a "statement of expenses" report notification. The message inside matches it: the 'Bank of America' logo on top and a short message that supports the subject line.

The e-mail in question contains an attached ZIP file named 'report <date-number>.ZIP'. Inside the ZIP there is an executable file with a matching name. Once it is executed, your machine becomes yet another victim station for the Bot to continue spreading the malware around.

Since this is a ZeroDay threat, most anti-virus products do not detect it. It is important to set your e-mail client to block such files (usually it is set by default, at least mine is), and if you do get them, do not execute them under any circumstances.
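A content-based check for the attachment pattern described above (a ZIP that holds an executable), which does not depend on an anti-virus signature. This is an added example, not part of the original post; the extension list, the function names and the sample message (with `0000` standing in for the date-number) are constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

EXEC_EXT = (".exe", ".scr", ".pif", ".com")  # assumed list, extend as needed

def executables_in_zip_attachments(raw: bytes):
    """Return (attachment name, member name, reason) for each executable
    found inside a ZIP attachment of a raw RFC 5322 message."""
    findings = []
    msg = message_from_bytes(raw, policy=policy.default)
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        # Decide by content, not by the attachment's file name or MIME type.
        if not zipfile.is_zipfile(io.BytesIO(data)):
            continue
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                reason = None
                if info.filename.lower().endswith(EXEC_EXT):
                    reason = "executable extension"
                elif not info.flag_bits & 0x1:  # encrypted members cannot be read
                    with zf.open(info) as fh:
                        if fh.read(2) == b"MZ":  # DOS/PE header magic
                            reason = "MZ header"
                if reason:
                    findings.append((part.get_filename(), info.filename, reason))
    return findings

def make_zip(member: str, content: bytes) -> bytes:
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member, content)
    return buf.getvalue()

def build_sample(member: str = "report 0000.exe") -> bytes:
    """Constructed message: one ZIP with an inert fake executable, one benign ZIP."""
    msg = EmailMessage()
    msg["Subject"] = "statement of expenses"
    msg.set_content("constructed sample body")
    msg.add_attachment(make_zip(member, b"MZ" + b"\0" * 62), maintype="application",
                       subtype="zip", filename="report 0000.zip")
    msg.add_attachment(make_zip("notes.txt", b"hello"), maintype="application",
                       subtype="zip", filename="notes.zip")
    return msg.as_bytes()

if __name__ == "__main__":
    for hit in executables_in_zip_attachments(build_sample()):
        print(hit)
```

The second branch catches an executable whose extension has been changed, since it inspects the first two bytes of the member instead of its name.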