Policy violation letters trick SMB workers into downloading malware | SC Media

September 23, 2014

A recent spam wave detected by Bitdefender tricks employees at small and medium-sized businesses (SMBs) into downloading Zbot or Zeus via letters that accuse them of breaking company policy.

The malware steals banking credentials as well as financial usernames and passwords, and email and FTP information. Bitdefender discovered that the wave began accelerating a week ago, after “dozens of unique .ARJ compressed files” infected computers.

Using ARJ-compressed files to distribute malware, heretofore a rarity, is growing in popularity, in part because the files are easily opened by a number of zip file software programs.

Because that compression system is used infrequently, “spammers very well may think of it as a new method to avoid being detected by traditional security” solutions, Bitdefender antispam researcher Adrian Miron said in a release.
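For mail filtering, the practical consequence is that ARJ attachments should be recognized by content rather than by file name. The following sketch is an added example, not code from Bitdefender or the original article; it assumes the ARJ main-header layout (magic bytes 0x60 0xEA, a little-endian header size of at most 2600, then a CRC-32 of the header), and its function names and sample message are constructed for illustration.

```python
import struct
import zlib
from email import message_from_bytes, policy
from email.message import EmailMessage

ARJ_MAGIC = b"\x60\xea"
ARJ_MAX_HEADER = 2600  # assumed upper bound on the ARJ basic header size


def looks_like_arj(data: bytes) -> bool:
    """True if data begins with a plausible ARJ main header (magic, size, CRC-32)."""
    if len(data) < 4 or data[:2] != ARJ_MAGIC:
        return False
    (size,) = struct.unpack_from("<H", data, 2)
    if size == 0 or size > ARJ_MAX_HEADER or len(data) < 4 + size + 4:
        return False
    (stored_crc,) = struct.unpack_from("<I", data, 4 + size)
    return zlib.crc32(data[4:4 + size]) == stored_crc


def flag_arj_attachments(raw_message: bytes):
    """Return [(filename, reason)] for attachments that are ARJ by content or name."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    hits = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        payload = part.get_payload(decode=True) or b""
        if looks_like_arj(payload):
            # Catches archives renamed to .zip, .doc, etc.
            hits.append((name, "ARJ header in content"))
        elif name.lower().endswith(".arj"):
            hits.append((name, ".arj extension only"))
    return hits


def sample_message() -> bytes:
    """Constructed test message: one disguised ARJ, one fake .arj, one benign file."""
    header = bytes(30) + b"notice.txt\x00\x00"  # dummy header body, not a real archive
    arj = (ARJ_MAGIC + struct.pack("<H", len(header)) + header
           + struct.pack("<I", zlib.crc32(header)))
    msg = EmailMessage()
    msg["Subject"] = "Policy violation notice"
    msg.set_content("See attached.")
    for data, name in ((arj, "violation.zip"), (b"PK\x03\x04", "report.arj"),
                       (b"%PDF-1.4", "handbook.pdf")):
        msg.add_attachment(data, maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()
```

A gateway that quarantines on either reason covers both the renamed archive and the plainly labelled one; the CRC check keeps random data that happens to start with 0x60 0xEA from being flagged.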
