Flight check-in emails lead to Zeus infection

Powered by SC Magazine
 

Cyber criminals have cloaked spam to resemble US Airways check-in emails in phishing attempts that lead to Zeus trojan infections.

Consider this the flight to nowhere.

Researchers have discovered a variant of the Zeus banking trojan circulating in emails that offer recipients a link to check in to a US Airways flight. Except this flight doesn't exist: It's a con to get unsuspecting users to install malware.

Dmitry Tarakanov, a Kaspersky Lab researcher, said in a blog post Tuesday that the attacks were detected on March 20 and remained consistent for at least a week.

The criminals behind the spam campaign are targeting travelers on US Airways flights by trying to lure them into clicking on a link supposedly offering "online reservation details," which includes check-in.

According to the blog post, several uniquely crafted emails were part of the campaign, but no matter their make-up, once a user clicks on the link contained within them, their computers are met with a number of redirects that lead to malicious code delivered via the Blackhole exploit kit.

The attacks take advantage of vulnerabilities in popular software -- either Java, Flash Player or Adobe Reader -- and ultimately result in a downloader installing the pernicious Zeus, or Zbot, trojan.

An undisclosed number of attacks have been reported by Kaspersky users in Russia, the United States, Italy, Germany and India.

A company spokesperson could not be reached for comment. A US Airways representative also could not be reached.

This article originally appeared at scmagazineus.com

Copyright © SC Magazine, US edition


Tags
 
 
 
Top Stories
Abbott brings back Science minister in cabinet reshuffle
Science tacked onto to Industry title.
 
Beyond ACORN: Cracking the infosec skills nut
[Blog post] Could the Government's cybercrime focus be a catalyst for change?
 
The iTnews Benchmark Awards
Meet the best of the best.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  38%
 
Your insurance company
  4%
 
A technology company (Google, Facebook et al)
  8%
 
Your telco, ISP or utility
  8%
 
A retailer (Coles, Woolworths et al)
  3%
 
A Federal Government agency (ATO, Centrelink etc)
  19%
 
An Australian law enforcement agency (AFP, ASIO et al)
  14%
 
A State Government agency (Health dept, etc)
  6%
TOTAL VOTES: 1919

Vote
Do you support the abolition of the Office of the Information Commissioner?