Researchers with Malcovery have identified a new piece of malware based closely on the Gameover variant of the nefarious Zeus trojan, a threat that was heavily disrupted in a massive international operation in early June.
The trojan is being delivered in spam emails claiming to be from banks, including M&T Bank and National Westminster Bank, according to a Thursday post. Each email comes attached with a ZIP file, and each ZIP file contains the same malicious SCR file.
Compared to the original Gameover Zeus trojan, this malware contains a new Domain Generation Algorithm list, as well as a new fast flux hosted command-and-control strategy, according to the post.
“Malcovery was able to identify a number of the command-and-control hosts believed to be involved in this attempt to revive the Gameover botnet,” the researchers noted.