Giant Zbot Botnet Trying To Trick Microsoft OWA Users

Security experts have discovered a massive spam campaign going on this week, attempting to distribute the password-stealing Zeus Trojan application across the internet.

The Trojan has reportedly afflicting a large number of PCs across the globe and has created a massive botnet of zombie machines for circulating malicious spam attacks.

Recent reports of the spam attacks surrounding Zeus Trojan include bogus warning of a large-scale Conficker infection from Microsoft that offers a free “clean-up tool”.

According to researchers from the internet security vendor Trusteer, the current wave of spam attacks are primarily targeting the Microsoft Outlook Web Access e-mail service.

The attack includes sending fake e-mail messages containing Trojans to the users, and consequently tricking them into thinking they have to update the settings of their Outlook e-mail service.

A Trusteer spokesperson said in a statement: “The attack is highly effective because it pretends to be an e-mail from the corporate IT department asking the user to update their Microsoft Webmail (OWA) settings”.

The company further noted that once installed, the Trojan rolls into the browser and controls the traffic from there. Subsequently, it picks the login credentials of various sensitive accounts, including those relating to banks and other important financial entities.

Our Comments

OWA users could be in for a bad shock if they fall prey to the Zeus Trojan and it is interesting to see that the criminals have targeted this audience than anything else. The servers which are being used in these massive spam attacks are located in Russia, Romania, Hungary, Chile, and Columbia, according to Trusteer.

Related Links

Stealth Phishing Attack Looks Like Internal Email


Botnet Unleashes Variety Of New Phishing Attacks

(Dark Reading)

Zbot or Zeus, enormous botnet threatens with spam and malware

(MX Logic)

Zeus phishing wave targets Outlook Web Access users

(SC Magazine)