RSS Alerts

Share

More services

Related Links

  • Sophos
  • Elsevier Ltd is not responsible for the content of external websites.

Related Stories

  • Zbot head and shoulders high in October malware charts
    The October malware charts - just released by Sunbelt Software - show that the password-stealing trojan threat Trojan-Spy.Win32.Zbot.gen maintained the top spot on the list for the seventh straight month and is growing at an alarming rate.
  • Sophos spots BBC sending Nigerian scam email
    Sophos has spotted the reputation of the BBC being dragged through the mud with Nigerian scam email being generated that looks as though it has come from the UK broadcaster.
  • New web threats gain momentum
    Eighty per cent of infected websites have been compromised by a third-party hacker, according to the latest threat statistics from Sophos.
  • Anti-virus: a technology update
    Anti-virus software might be the archetypal security product, but with so many high-profile malware attacks – including Stuxnet and Zeus – is it doing its job? Kevin Townsend investigates whether anti-virus software is still relevant
  • UK phones and email subject to surveillance more than 1300 times a day
    A minor privacy furore has blown up after it was revealed by the Interception of Communications Commissioner, Sir Paul Kennedy, that police and other government agencies tapped into phone calls and emails as part of surveillance cases at the astonishing rate of 1381 times a day, every day, throughout 2008.

Top 5 Stories

News

Zbot trojan targets Vodafone and Verizon mobile phone customers

16 November 2009

The Zbot trojan - which typically distributes itself via emails pointing at or supplying an infected download - has been spotted targeting customers of the Verizon and Vodafone mobile phone networks on both sides of the Atlantic.

As reported by Infosecurity last week, the incidence of Zbot trojan infections rose by 25% during October when compared to the month previously and it seems that specialised mailshots may be the reason.

According to weekend newswire reports, spam targeting customers of Verizon and Vodafone has been seen in the wild, trying to encourage recipients to click on an attached `account and balance checking utility'.

The utility, of course, is a Zbot-infected trojan and will turn the users' PC into a botnet slave.

What's interesting about the trojan carrying emails is that the origination addresses are being spoofed to look as though they are coming from one of the two mobile phone operators.

The end result is that users see an email ostensibly from no-reply@vodafone.co.uk or noreply@verizonwireless.com with a subject line of `Your credit balance is over the limit.'

According to Graham Cluley, Sophos' senior technology consultant, there is a danger that unsuspecting mobile phone owners might fall for the trojan trap, "perhaps convinced by the use of Vodafone's logo which is embedded in the email, and launch the file attachment, thus infecting their computers.

"As always, it's a good idea to treat unsolicited attachments sent to you out of the blue with suspicion. Defending your computers and email gateway with an up-to-date security product is a must if you want to stop hackers hijacking your computer, stealing your identity or tricking you into money-losing scams."

This article is featured in:
Malware and Hardware Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Terms & Conditions |Privacy |Website Design|Reed Exhibitions. All rights reserved. Copyright © 2012