The bank-account-stealing Trojan keeps targeting Internet users

Dec 8, 2011 19:51 GMT  ·  By

Email messages pretending to originate from the Federal Deposit Insurance Company (FDIC) have been seen landing in inboxes these days, alerting the recipient on an “important information” about his bank.

The emails appear to be coming from a spoofed address that replicates a legitimate one, reports Mxlab.

“Dear Business Customer, We have important information about your bank. Please refer to attached file to view information. This includes information on the acquiring bank (if applicable), how your accounts and loans are affected, and how vendors can file claims against the receivership. FDIC USA Questions for FDIC? Contact Us,” reads the phony notification.

The attached file is represented by a ZIP archive that contains an executable called account.exe which turns out to be a variant of the infamous ZeuS Trojan.

At press time, only 10 out of 43 security solutions providers detected the file as being a threat, but hopefully, others will soon follow. Until then, users are advised to immediately delete such emails and make sure an antivirus program is up and running.