Search
Keyword: zbot
VAWTRAK first made the rounds via attachments to fake shipping notification emails in August 2013. The attachment was actually a ZIP file that contained a malicious file, detected as BKDR_VAWTRAK.A, which was initially ...
This CryptoLocker is downloaded by a ZeuS/ZBOT variant detected as TSPY_ZBOT.VNA. When executed, it encrypts files and asks users to purchase a decrypting tool. To get a one-glance comprehensive view of the behavior of this Trojan, refer to the Threa...
In the past, cybercriminals have crafted malicious files that exhibit explicit behavior such as in the case of FAKEAV, ransomware, and adware which display noticeable message prompts and pop-ups. However, ther...
Background of the Attack
In a recent spam run, TrendLabsSM engineers came a...
What do the sites LinkedIn, eHarmony, last.fm, League of Legends, and Yahoo! have in common? All of these websites suffered from major data leaks that exposed millions of user names and passwords online. These incid...
This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.It deletes itself after execution.
This is the Trend Micro detection for KINS Trojan, dubbed as the next ZeuS by media reports. Similar to ZeuS/ZBOT, it downloads configuration file and steals online banking credentials. However, it uses a different packer and has anti-debugging and a...
This ZBOT variant was used in a spam run which takes advantage of the UK Tax Return deadline. The said spam message purports to come from HM Revenue and Customs in the UK and informs users of a certain VAT return receipt.
To get a one-glance compreh...
This spyware is a variant of the info-stealing ZBOT/ZeuS malware family that aims to defeat the two-factor security authentication of banks using a ZeuS mobile malware, such as WINCE_ZBOT.B, to steal text messages from affected users' mobile devices....
This malware is noteworthy due to the click fraud routines it exhibits as an entirely new strain of ZBOT. It is capable of opening browser windows and perform mouse actions without user intervention. Users with systems affected by this malware may ex...
What is STUXNET?STUXNET is a worm that initially made news in July due to its use of certain vulnerabilities to propagate and execute its routines. The media, as well as the security industry, have taken interest...
This spyware may be downloaded by other malware/grayware from remote sites.It does not have any propagation routine.It steals certain information from the system and/or the user.It deletes itself after execution.
This malware is part of the 64-bit ZBOT samples that have been spotted to target 64-bit systems during January 2014. Users affected by this malware may find the security of their systems compromised and their critical personal information stolen (suc...
This ZBOT variant was used in a spam run which takes advantage of the UK Tax Return deadline. The said spam message purports to come from HM Revenue and Customs in the UK and informs users of a certain VAT return receipt.
This Spyware may be downlo...
This ZBOT variant is embedded in a .DOCM or macro-enabled document file, which arrives as spammed email attachment. To get a one-glance comprehensive view of the behavior of this Spyware, refer to the Threat Diagram shown below.This spyware arrives ...
This ZBOT variant is related to a spam run in which its technique involves spammed messages containing .MSG attachment that contains a .ZIP file attached. To get a one-glance comprehensive view of the behavior of this Spyware, refer to the Threat Dia...
This ZEUS/ZBOT variant is found to be distributed via spam campaign in mid-2014. The spammed messages in the said campaign used a certain file storage service. To get a one-glance comprehensive view of the behavior of this Spyware, refer to the Threa...
This spyware arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.It modifies Internet Explorer security settings. This puts the affected computer at greater risk, as it al...
This ZBOT variant drops a configuration file that contains a list of its targeted banks and other financial sites. It also steals information from different FTP sites and steals personal certificates from the infected system. It is also related to in...