Zbot trojan targets Vodafone and Verizon mobile phone customers

As reported by Infosecurity last week, the incidence of Zbot trojan infections rose by 25% during October when compared to the month previously and it seems that specialised mailshots may be the reason.

According to weekend newswire reports, spam targeting customers of Verizon and Vodafone has been seen in the wild, trying to encourage recipients to click on an attached `account and balance checking utility'.

The utility, of course, is a Zbot-infected trojan and will turn the users' PC into a botnet slave.

What's interesting about the trojan carrying emails is that the origination addresses are being spoofed to look as though they are coming from one of the two mobile phone operators.

The end result is that users see an email ostensibly from no-reply@vodafone.co.uk or noreply@verizonwireless.com with a subject line of `Your credit balance is over the limit.'

According to Graham Cluley, Sophos' senior technology consultant, there is a danger that unsuspecting mobile phone owners might fall for the trojan trap, "perhaps convinced by the use of Vodafone's logo which is embedded in the email, and launch the file attachment, thus infecting their computers.

"As always, it's a good idea to treat unsolicited attachments sent to you out of the blue with suspicion. Defending your computers and email gateway with an up-to-date security product is a must if you want to stop hackers hijacking your computer, stealing your identity or tricking you into money-losing scams."

What’s hot on Infosecurity Magazine?