Information-Stealing Fareit Malware Used Against Wells Fargo Customers

The Trojan is capable of performing a wide range of malicious activities

  Bogus Wells Fargo notification
Security experts are warning Wells Fargo customers to be on the lookout for malware-carrying emails that purport to come from the financial organization.

Bitdefender has spotted a spam campaign that leverages bogus “Important Documents” notifications sent to Wells Fargo customers in an effort to distribute an information-stealing malware called Fareit.

Once it’s installed on a computer, the Trojan allows cybercriminals to harvest passwords and other sensitive information and send it back to a remote server.

In addition to stealing data, the malware is also capable of abusing the infected device for distributed denial-of-service (DDoS) attacks. Fareit is also designed to download and execute other threats, such as the notorious banking Trojan ZeuS.

The attack aimed at Wells Fargo customers starts with an innocent-looking email that claims to carry “important documents.” The links from the notification point to the legitimate Wells Fargo website in an effort to avoid raising any suspicion.

However, the attachment – which appears to be a PDF file – unleashes the Trojan.
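
A mail-gateway style check for the lure described above, as an added example that is not from Bitdefender or the original article: it flags attachments that present themselves as PDFs but whose leading bytes are not a PDF header. The article does not say how the attachment is disguised, so the sample messages, file names and helper functions here are constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

PDF_MAGIC = b"%PDF-"
# Leading bytes of other formats worth naming when a "PDF" turns out not to be one
OTHER_MAGIC = {b"MZ": "Windows executable", b"PK\x03\x04": "ZIP archive"}

def claims_pdf(part):
    """True if the filename or declared MIME type presents the part as a PDF."""
    name = (part.get_filename() or "").lower()
    return ".pdf" in name or part.get_content_type() == "application/pdf"

def sniff(data):
    """Identify content by its leading bytes, ignoring name and MIME type."""
    if data.startswith(PDF_MAGIC):
        return "PDF"
    for magic, label in OTHER_MAGIC.items():
        if data.startswith(magic):
            return label
    return "unknown"

def audit_attachments(raw_bytes):
    """Return (filename, actual_type) for attachments that claim PDF but are not."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        actual = sniff(data)
        if claims_pdf(part) and actual != "PDF":
            findings.append((part.get_filename(), actual))
    return findings

def build_sample(filename, payload, subtype):
    """Constructed test message; addresses, file names and bytes are made up."""
    m = EmailMessage()
    m["From"] = "alerts@bank.example"
    m["To"] = "customer@example.org"
    m["Subject"] = "Important Documents"
    m.set_content("Please review the attached documents.")
    m.add_attachment(payload, maintype="application", subtype=subtype, filename=filename)
    return m.as_bytes()

if __name__ == "__main__":
    bad = build_sample("documents.pdf.exe", b"MZ\x90\x00" + b"\x00" * 16, "octet-stream")
    good = build_sample("statement.pdf", b"%PDF-1.4\n%%EOF\n", "pdf")
    print(audit_attachments(bad))
    print(audit_attachments(good))
```

A genuine PDF passes; anything else wearing a PDF name or MIME type is reported with what its header bytes indicate, so it can be quarantined before delivery.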

Over the past week, the Fareit Trojan has been spotted in France, Croatia, Australia, Spain, Belgium, Italy, Egypt, Romania and the UAE.
