Consider this the flight to nowhere.
Researchers have discovered a variant of the Zeus banking trojan circulating in emails that offer recipients a link to check in to a US Airways flight. Except this flight doesn’t exist: It’s a con to get unsuspecting users to install malware.
Dmitry Tarakanov, a Kaspersky Lab researcher, said in a blog post Tuesday that the attacks were detected on March 20 and remained consistent for at least a week.
The criminals behind the spam campaign are targeting travelers on US Airways flights by trying to lure them into clicking on a link supposedly offering “online reservation details,” which includes check-in.
According to the blog post, several uniquely crafted emails were part of the campaign, but no matter their make-up, once a user clicks on the link contained within them, their computers are met with a number of redirects that lead to malicious code delivered via the Blackhole exploit kit.
The attacks take advantage of vulnerabilities in popular software — either Java, Flash Player or Adobe Reader — and ultimately result in a downloader installing the pernicious Zeus, or Zbot, trojan.
An undisclosed number of attacks have been reported by Kaspersky users in Russia, the United States, Italy, Germany and India.
A company spokesperson could not be reached for comment. A US Airways representative also could not be reached.