
Trojan-Spy.Win32.Zbot.jzb Trojan Flying High In Northwest Airlines Spam Emails

January 13, 2009 – 1:25 pm

There seems to be an epidemic of spammers sending Trojans through spam emails, and this time they are literally flying high with a new wave of Northwest Airlines spam messages that contain a Trojan.

The Trojan has been identified as Trojan-Spy.Win32.Zbot.jzb, which may also be called W32/Trojan-Gypikon-based.BA!Maximus or PWS:Win32/Zbot.gen!R elsewhere on the internet. The Trojan-Spy.Win32.Zbot.jzb Trojan comes from a Zip file attachment called “NorthwestAirlines.zip”. To further entice users to download this malicious file, the spam message creators made the email look like a confirmation of an online Northwest Airlines ticket purchase. Below is how the email reads.

Hello!
“Thank you for using our new service “Buy Northwest Airlines ticket Online” on our website.
Your account has been created:
Your login: ida.camacho@t********.com
Your password: passXNK0
Your credit card has been charged for $471.52.
We would like to remind you that whenever you order tickets on our website you get a discount of 10%!
Attached to this message is the purchase Invoice and the Northwest Airlines ticket.
To use your ticket, simply print it on a color printed, and you are set to take off for the journey!
Kind regards,
Damian Muller
Northwest Airlines”

[Image: Northwest Airlines spam message that contains the Trojan]

If you ever get an email that closely resembles the wording of the above message, it is important that you delete it at once. Do not download attachments from any email message unless you are 100% sure of the sender or source of the message.

What is so dangerous about this infection is that Trojan-Spy.Win32.Zbot.jzb is a rootkit Trojan that has the ability to steal banking information as well as download other malware. It is possible that this Trojan edits certain registry entries or adds new ones. The files created by this Trojan are as follows:

%System%\twain32\local.ds
%System%\twain32\user.ds
%System%\twain32\user.ds.lll
%System%\twex.exe
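
The file list above can be checked against a suspect machine's system directory. The following is an added example, not part of the original post: it assumes the directory is read offline from a mounted disk image (the post describes the Trojan as a rootkit, so a listing taken on the live system may not be reliable), and the function names and sample tree are hypothetical.

```python
import os
import tempfile

# File artifacts listed in this post, relative to %System%.
ZBOT_JZB_ARTIFACTS = [
    r"twain32\local.ds",
    r"twain32\user.ds",
    r"twain32\user.ds.lll",
    r"twex.exe",
]

def resolve_case_insensitive(root, win_relpath):
    """Walk a Windows-style relative path under root, matching each
    component case-insensitively (Windows names ignore case, the
    analysis host's filesystem may not). Returns the real path or None."""
    current = root
    for part in win_relpath.split("\\"):
        try:
            entries = os.listdir(current)
        except (FileNotFoundError, NotADirectoryError, PermissionError):
            return None
        match = next((e for e in entries if e.lower() == part.lower()), None)
        if match is None:
            return None
        current = os.path.join(current, match)
    return current

def find_artifacts(system_dir):
    """Return {artifact: real path} for every listed artifact present."""
    hits = {}
    for rel in ZBOT_JZB_ARTIFACTS:
        found = resolve_case_insensitive(system_dir, rel)
        if found is not None and os.path.isfile(found):
            hits[rel] = found
    return hits

def demo():
    """Constructed sample: a fake system directory with two artifacts."""
    with tempfile.TemporaryDirectory() as tmp:
        os.makedirs(os.path.join(tmp, "TWAIN32"))
        open(os.path.join(tmp, "TWAIN32", "Local.ds"), "w").close()
        open(os.path.join(tmp, "twex.exe"), "w").close()
        open(os.path.join(tmp, "twain_32.dll"), "w").close()  # benign lookalike
        return sorted(find_artifacts(tmp))

if __name__ == "__main__":
    print(demo())
```

Pass `find_artifacts` the image's system directory (the folder `%System%` stands for); an empty result only means these four names were not found, not that the machine is clean.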

Do you purchase your airline tickets online? Do you get an email confirmation that looks anything like this spam message?
