<<<
NEWS FROM THE LAB - Thursday, August 28, 2008
>>>
 

 
Western Union MTCN #2989115571 Posted by Mikko @ 11:10 GMT

Fake airplane tickets, greetings cards and credit card receipts…

There's plenty of ZIPped trojans being spammed around. The one that's being seeded right now claims to be a bounced Western Union money transfer.

Attention! The wire sent to Maksim Zverev, Moscow, Russia has been blocked by our security service. Your credit card issuing bank has halted the transaction by the demand of the Federal Criminal Investigation Service (case No. 44571 since the recipient has been undergoing the international retrieval by the InterPol. Please contact the closest Western Union office and make sure you have your ID card, the credit card that was used for making the payment, and the invoice file with you.

And the malware inside the ZIP is a ZBot banking trojan variant.

Attention! The wire sent to Maksim Zverev, Moscow, Russia has been blocked by our security service. Your credit card issuing bank has halted the transaction by the demand of the Federal Criminal Investigation Service (case No. 44571 since the recipient has been undergoing the international retrieval by the InterPol. Please contact the closest Western Union office and make sure you have your ID card, the credit card that was used for making the payment, and the invoice file with you.