Analysé par: Mark Christian Aquino

Airline company British Airways appears to be the supposed sender of a spam run Trend Micro has uncovered. The spam run attempts to lure users into opening a .ZIP attachment by posing as an approved travel itinerary. Unsuspecting users opening the attachment are actually opening malware. The malware in this spam run is found to be a ZeuS variant known as TSPY_ZBOT.LBL. ZeuS variants are known to steal information, particularly online banking credentials:

Trend Micro protects users from this spam run via its Smart Protection Network that detects and removes the ZeuS variant, and blocks the spammed message.

 Spam Blocking Date/Time: : 27 octobre 2012 GMT-8
  • TMASE Engine: 6.8
  • TMASE Pattern: 9136