RSA researchers say the Trojan is used to steal email lists

Aug 13, 2013 13:20 GMT

The ZeuS Trojan has become notorious for its information-stealing capabilities. However, experts have found that the malware can also be used for low-tech cybercrimes, such as 419 scams, or Nigerian scams.

According to RSA researchers, cybercriminals from West Africa are using ZeuS to harvest email addresses of potential victims.

“The Zeus attacks being deployed in these cases are targeted attacks – once a contact list is obtained from any one company, the fraudster follows up with a spear-phishing email campaign of sorts, in hopes of getting recipients infected with the Zeus Trojan,” Idan Aharoni, head of cyber intelligence at RSA, explained.

He added, “This is where things get a little quirky: after a successful infection, all the botmaster attempts next is to pull out additional e-mail lists of potential new victims.”

The 419 scam emails in this case are designed to appear as if they come from a buyer interested in the targeted company’s goods. To make the deal more tempting, the scammers claim they will surely sell off all the goods, and they add various incentives.

The trick is that they claim to be low on cash, so they ask the targeted company for credit. Most of the targeted organizations are based out of Asia.