Skip to main content

Giant Zbot Botnet Trying To Trick Microsoft OWA Users

Security experts have discovered a massive spam campaign going on this week, attempting to distribute the password-stealing Zeus Trojan application across the internet.

The Trojan has reportedly afflicting a large number of PCs across the globe and has created a massive botnet of zombie machines for circulating malicious spam attacks.

Recent reports of the spam attacks surrounding Zeus Trojan include bogus warning of a large-scale Conficker infection from Microsoft that offers a free “clean-up tool”.

According to researchers from the internet security vendor Trusteer, the current wave of spam attacks are primarily targeting the Microsoft Outlook Web Access e-mail service.

The attack includes sending fake e-mail messages containing Trojans to the users, and consequently tricking them into thinking they have to update the settings of their Outlook e-mail service.

A Trusteer spokesperson said in a statement: “The attack is highly effective because it pretends to be an e-mail from the corporate IT department asking the user to update their Microsoft Webmail (OWA) settings”.

The company further noted that once installed, the Trojan rolls into the browser and controls the traffic from there. Subsequently, it picks the login credentials of various sensitive accounts, including those relating to banks and other important financial entities.

Our Comments

OWA users could be in for a bad shock if they fall prey to the Zeus Trojan and it is interesting to see that the criminals have targeted this audience than anything else. The servers which are being used in these massive spam attacks are located in Russia, Romania, Hungary, Chile, and Columbia, according to Trusteer.

Related Links

Stealth Phishing Attack Looks Like Internal Email (opens in new tab)


Botnet Unleashes Variety Of New Phishing Attacks (opens in new tab)

(Dark Reading)

Zbot or Zeus, enormous botnet threatens with spam and malware (opens in new tab)

(MX Logic)

Zeus phishing wave targets Outlook Web Access users (opens in new tab)

(SC Magazine)

Désiré has been musing and writing about technology during a career spanning four decades. He dabbled in website building and web hosting when DHTML and frames were en vogue and started writing about the impact of technology on society just before the start of the Y2K hysteria at the turn of the last millennium. Following an eight-year stint at where he discovered the joys of global tech-fests, Désiré now heads up TechRadar Pro. Previously he was a freelance technology journalist at Incisive Media, Breakthrough Publishing and Vnunet, and Business Magazine. He also launched and hosted the first Tech Radio Show on Radio Plus.