Keyword: zbot
Windows 2000, Windows Server 2003, Windows XP (32-bit, 64-bit), Windows Vista (32-bit, 64-bit), Windows 7 (32-bit, 64-bit)
NOTES: This is the Trend Micro detection for malicious network packets that may manifest any of the fo...
FAREIT is a malware family of information stealers used to download other malware such as ZeuS/ZBOT onto infected systems. Its variants typically steal user names and passwords stored in web browsers. In addition, these steal email credentials and...
ZLOADER is a banking trojan also known as Terdot and Zbot. This malware is based on leaked code of known ZeuS malware. It uses web injects to steal user credentials and other private information from the victim. It can also steal passwords and cookie...
This malware is involved in an April 2014 attack that leveraged a macro-enabled Word document as a malicious spam attachment in order to infect machines with ZBOT malware. Users affected by this malware may find their online banking accounts compromi...
This malware is involved in a ZBOT spam campaign that targeted British users. Once the malicious attachment is opened, it inevitably leads to the download of ZBOT malware into the affected system. To get a one-glance comprehensive view of the behavior...
Trend Micro has flagged this file infector as noteworthy due to the increased potential for damage, propagation, or both, that it possesses. Specifically, this file infector is part of ZBOT malware family that has a routine to infect files other than...
TEQUILA is bot malware which made headlines after targeting Mexico's financial institutions in 2010. The botnet particularly targeted the country's local PayPal site and the country's largest bank, Bancomer. This malware connects to a C&C server in or...
This spyware may be downloaded by other malware/grayware/spyware from remote sites. It may be unknowingly downloaded by a user while visiting malicious websites. It also has rootkit capabilities, which enable it to hide its processes and files from ...
This malware was discovered in January 2014 as a file infector that not only infects all executable files on an affected system, but also drops a ZBOT variant. Users affected by this malware may find their personal information stolen and their online...
This malware is part of the 64-bit ZBOT samples that were spotted targeting 64-bit systems during January 2014. Users affected by this malware may find the security of their systems compromised and their critical personal information stolen (suc...
This spyware is a variant of the ZBOT/ZeuS malware family that targets smartphones running on Windows Mobile. It intercepts calls and text messages to steal user credentials used in online banking. To get a one-glance comprehensive view of the behavior...
We received a spam sample that spoofs its 'From' field to look like an email report from the United States Computer Emergency Readiness Team or the US-CERT. It's a bit of an irony that the sample purpo...
Windows 2000, Windows XP, Windows Server 2003
Heuristic Detection: This is the Trend Micro heuristic detection for suspicious files that manifest similar behavior and characteristics as the following malware:
Communication to co...
One of the prevalent exploit kits in cybercrime today is the Blackhole Exploit Kit (BHEK), which uses spammed messages that look exactly like legitimate email and leverages relevant and timely top...
It is a malicious attachment related to a tax-themed spam campaign. The malware connects to malicious URLs to download an encrypted version of a ZBOT variant, which disables the antivirus products installed in the system. To get a one-glance comprehen...
WORM_DORKBOT or NgrBot is an Internet Relay Chat (IRC) bot used for distributed denial-of-service (DDoS) attacks. It became prevalent in the Latin American region in 2011. It has various modules enabling it to gathe...
We have noticed the resurgence of the UPATRE malware family. This is attributed to the new arrival vectors attackers used to infect systems across the globe: social engineering lures, malicious downloads in embedd...
The VOBFUS family of worms is known for their download and propagation routines, which allowed them to gain prominence, as can be seen in the family’s increasing number of variants over time. These worms are know...
Background of the Attack: A new phishing attack that originated from Mexico takes advantage of the controversial news about an allegedly missing four-year-old girl, Paulette Gebara Farah, who was later found dead...
As of this writing, the said sites are inaccessible.