AppRiver finds password-protected Zbot malware found in the wild

The Zbot malware is designed to steal money and is cleverly disguised in a ZIP file that really is a RAR file, security researchers warn

By: Michael Hatamoto | Hacking & Security News | Posted: Jun 19, 2014 6:14 pm

Comment | Email to a Friend | Font Size: A A

Cybercriminals are spoofing emails from a legitimate company, Berkeley Futures Limited, and the Zbot malware attached is now in the wild, security researchers have discovered. The attached ZIP file is password-protected so it cannot be scanned with anti-virus or anti-malware software until the user unlocks the file.

appriver_finds_password_protected_zbot_malware_found_in_the_wild_01

Users need to be more aware of cybersecurity issues, because an attached password in the body of the email should be an immediate red flag to Internet users. However, the cybercriminals behind it must find success if they are using the same tactic to compromise users.

The attachment has two files, a fake SCR spreadsheet file and a fake invoice in the form of a PDF. The file attachment is really a RAR file and not a ZIP file - a unique twist on compromising users, because many people have programs to attach ZIP files, but not everyone can open RAR files.

NEWS SOURCES:Blogs.appriver.com