November 10, 2011

ACH debit transfer emails leading to malware

Users should be cautious if they receive an email purportedly containing information about an Automated Clearing House (ACH) debit transfer created on their behalf, as it could lead to malware, researchers from anti-virus company MX Lab, said in a blog post Wednesday. Attackers have been circulating a trojan in emails containing subject lines such as: “ACH payroll payment was not accepted by Central Trust and Savings Bank.” The messages direct users to click on a link to review the transaction details, which lead to a site where malware is hosted. The malicious code executes several Windows registry changes and establishes a connection with the attackers' IP address.
Related Articles
Related Topics
Related Links

Sign up to our newsletters

More in News

House Intelligence Committee OKs amended version of controversial CISPA

Despite the 18-to-2 vote in favor of the bill proposal, privacy advocates likely will not be satisfied, considering two key amendments reportedly were shot down.

Judge rules hospital can ask ISP for help in ID'ing alleged hackers

The case stems from two incidents where at least one individual is accused of accessing the hospital's network to spread "defamatory" messages to employees.

Three LulzSec members plead guilty in London

Ryan Ackroyd, 26; Jake Davis, 20; and Mustafa al-Bassam, 18, who was not named until now because of his age, all admitted their involvement in the hacktivist gang's attack spree.