New Verizon Wireless-themed Zeus campaign hits

Share this article:
A malicious spam campaign masquerading this weekend as a message from Verizon Wireless was propagating the Zeus trojan, according to researchers at internet security vendor SonicWALL.

The messages, which seemed to be coming from Verizon Wireless Customer Service, falsely informed recipients that their credit balance was over the limit and asked them to check their account details by using a tool attached to the message.

The message was not really from Verizon Wireless and the attachment contained the notorious data-stealing trojan Zeus, also known as Zbot, researchers at SonicWALL said.

Deepen Desai, senior software engineer at SonicWALL, told SCMagazineUS.com on Monday that the malicious messages started being sent on Friday morning at a rate of about 200,000 emails per hour, which continued throughout the weekend. By this morning, the campaign stopped, but not before attackers sent the message approximately nine million times, he said.

“This [campaign] was short, but the volume was very high compared to what we have seen in the past,” Desai said.

Over the weekend, those behind the scam "repackaged" the trojan six different times to avoid anti-virus detection, Desai said.

Zeus has been circulating since at least 2006. The trojan typically aims to capture infected users' banking login credentials and send them back to a command-and-control hub.

A Verizon spokeswoman said the company was aware of the spam run.

“We're aware of this spam/phishing message being sent to our customers over the past several days, and have taken steps to stop it from occurring,” she told SCMagazineUS.com in an email Monday. “As with other unknown emails or links, we'd encourage people who receive this message not to click on it, and delete it immediately.”

Recently, Zeus has been propagated through spam messages claiming to be a password reset request from MySpace, a notice from the IRS and a critical update for Microsoft Outlook.
Share this article:

Sign up to our newsletters

More in News

Brazilian president signs internet 'Bill of Rights' into law

Brazilian president signs internet 'Bill of Rights' into ...

President Dilma Rousseff signed the legislation on Wednesday at the NetMundial conference in Sao Paulo.

Android trojan sends premium SMS messages, targets U.S. users for first time

Android trojan sends premium SMS messages, targets U.S. ...

An SMS trojan for Android, known as FakeInst, has been observed sending premium SMS messages to users all over the world, including, for the first time, the United States.

Report: DDoS up in Q4 2013, vulnerability scanners leveraged to exploit sites

Report: DDoS up in Q4 2013, vulnerability scanners ...

Researchers observed 346 DDoS attacks in the final quarter of 2013 and attackers used Vega and Skipfish vulnerability scanners to exploit web flaws at financial companies.