"a new settings file for" - receivedt it only by chance, or the first sign of a large scale A new se

Discussion in 'Anti-Virus' started by Gabriele Neukam, Oct 15, 2009.

  1. Today I received a mail that had the subject "A new settings file for
    the (notmyownlocalpart)@t-online.de has just been released", which
    according to VT contained the downloader for a trojan horse.

    http://www.virustotal.com/de/analisis/2246dccc8dca8e8c3a708b99971d027ef64e129d02ab1456cd58aa8abdde4de1-1255615960

    How many of you got them, too? Avira calls it a ZBot variant and says
    it will steal banking data, see
    http://www.avira.com/en/threats/section/fulldetails/id_vir/4543/tr_spy.zbot.9164.1.html

    Microsoft identifies it as FakeRean which is a fake/rogue "antivirus".
    Weird.

    Googling for the sequence of the first five words already provides a
    considerable number of hits, and none of the linked entries seems to be
    older than three weeks. Is this a new spamrun / attack of a certain
    malware group?


    Gabriele Neukam

     
    Gabriele Neukam, Oct 15, 2009
    #1
    1. Advertisements

  2. See Virus Guy's post about "Interesting example of social-engineering
    trojan hook"

    ....whatever that means
     
    FromTheRafters, Oct 15, 2009
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.