Difference between revisions of "Going solo: self-propagating ZBOT malware spotted"
Jump to navigation
Jump to search
m (1 revision imported) |
Revision as of 16:30, 7 February 2015
(Publication) Google search: [1]
| Going solo: self-propagating ZBOT malware spotted | |
|---|---|
| Botnet | ZeuS |
| Malware | Zbot |
| Botnet/malware group | |
| Exploit kits | |
| Services | |
| Feature | |
| Distribution vector | |
| Target | |
| Origin | |
| Campaign | |
| Operation/Working group | |
| Vulnerability | |
| CCProtocol | |
| Date | 2013 / 2013-06-10 |
| Editor/Conference | Trend Micro |
| Link | http://blog.trendmicro.com/trendlabs-security-intelligence/going-solo-self-propagating-zbot-malware-spotted/ blog.trendmicro.com (blog.trendmicro.com Archive copy) |
| Author | Abigail Pichel, Joie Salvio, Alvin Bacani |
| Type | Blogpost |
Abstract
“ Who says you can’t teach old malware new tricks? Recently, we reported on how ZBOT had made a comeback of sorts in 2013; this was followed by media reports that it was now spreading via Facebook. Now, we have spotted a new ZBOT variant that can spread on its own.
This particular ZBOT variant arrives through a malicious PDF file disguised as a sales invoice document. If the user opens this file using Adobe Reader, it triggers an exploit which causes the following pop-up window to appear:...
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2013BFR1339,
editor = {Trend Micro},
author = {Abigail Pichel, Joie Salvio, Alvin Bacani},
title = {Going solo: self-propagating ZBOT malware spotted},
date = {10},
month = Jun,
year = {2013},
howpublished = {\url{http://blog.trendmicro.com/trendlabs-security-intelligence/going-solo-self-propagating-zbot-malware-spotted/ blog.trendmicro.com}},
}