November 10, 2011

ACH debit transfer emails leading to malware

Users should be cautious if they receive an email purportedly containing information about an Automated Clearing House (ACH) debit transfer created on their behalf, as it could lead to malware, researchers from anti-virus company MX Lab, said in a blog post Wednesday. Attackers have been circulating a trojan in emails containing subject lines such as: “ACH payroll payment was not accepted by Central Trust and Savings Bank.” The messages direct users to click on a link to review the transaction details, which lead to a site where malware is hosted. The malicious code executes several Windows registry changes and establishes a connection with the attackers' IP address.
Related Articles
Related Topics
Related Links

More in News

Privacy-bolstering "Apps Act" introduced in House

The bill would provide consumers nationwide with similar protections already enforced by a California law.

Microsoft readies permanent fix for Internet Explorer bug used in energy attacks

Microsoft is prepping a whopper of a security update that will close 33 vulnerabilities, likely including an Internet Explorer (IE) flaw that has been used in targeted website attacks against the U.S. government.

Weakness in Adobe ColdFusion allowed court hackers access to 160K SSNs

Up to 160,000 Social Security numbers and one million driver's license numbers may have been accessed by intruders.