Earlier today we started receiving a flood of emails and phone calls about a new variant of the ZBot trojan making the rounds via email. We have already seen several variants of this trojan in a relatively short time period. These emails can come from support@*****.com, info@*****.com or alert@*****.com, where ***** is the domain name used in the recipient’s email address. This makes the receiver think the message is from a legitimate person or department within their own company.
We recommend identifying the email using the information below and then deleting it immediately. Below are some additional identifiers to help keep you safe and secure.
Possible subjects are:
Possible email bodies are:
The malware is not attached to the email, so detection by antivirus applications is difficult. Instead, the email contains a link to a website where you are asked to download an executable file and apply the new settings.
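The two traits described above (a generic sender at the recipient's own domain, and a link with no attachment) can be checked mechanically. The following is an added example, not part of the original advisory; the function names, the sample messages and the example.com / example.net / vendor.example domains are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Local parts the advisory lists for the spoofed sender.
SPOOFED_LOCAL_PARTS = {"support", "info", "alert"}
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)

# Constructed sample messages (not taken from the campaign).
SPOOFED = ("From: support@example.com\nTo: jane@example.com\n"
           "Subject: constructed sample\n\n"
           "Apply the new settings: http://updates.example.net/settings\n")
LEGIT = ("From: info@vendor.example\nTo: jane@example.com\n"
         "Subject: constructed sample\n\n"
         "Your invoice: https://vendor.example/invoices/1\n")


def body_text(msg):
    """Join every text/* part so links in plain text or HTML are seen."""
    chunks = []
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            raw = part.get_payload(decode=True) or b""
            chunks.append(raw.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(chunks)


def check_message(raw):
    """Return (suspicious, reasons) for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    _, sender = parseaddr(msg.get("From", ""))
    local, _, domain = sender.lower().rpartition("@")
    rcpts = getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))
    rcpt_domains = {a.lower().rpartition("@")[2] for _, a in rcpts if "@" in a}
    links = URL_RE.findall(body_text(msg))
    has_attachment = any(p.get_filename() for p in msg.walk())
    reasons = []
    if local in SPOOFED_LOCAL_PARTS and domain in rcpt_domains:
        reasons.append(f"{sender}: generic mailbox at the recipient's own domain")
    if links and not has_attachment:
        reasons.append(f"no attachment, but {len(links)} link(s) in the body")
    # Flag only when both traits from the advisory occur together.
    return len(reasons) == 2, reasons


if __name__ == "__main__":
    for name, raw in (("SPOOFED", SPOOFED), ("LEGIT", LEGIT)):
        print(name, check_message(raw))
```

A genuine internal notice sent from one of these mailboxes matches as well, so treat a hit as a reason to confirm where the message actually originated before acting on it.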
The ZBot trojan can disable your firewall, steal sensitive financial data (credit card numbers, online banking login details), take screenshots, download additional components, and provide a hacker with remote access to your compromised system.
Some of the symptoms of a possible infection include programs that claim to scan for malware and display fake warnings of malicious files. They then inform you that you need to pay money to register the software in order to remove these non-existent threats, and they install new shortcuts on your desktop for “XP AntiSpyware 2009”, “AntiSpywareXP 2009”, “PC Security 2009” or similar names. Once these ZBot variants have been installed on your computer, you may see fake file scanners, warning messages and fake pop-up warnings in your system tray.
Here are our recommended security tips to better protect your system:
- Enable a firewall on your computer
- Get the latest computer updates
- Run up-to-date virus and spyware applications
- Use caution when working with attachments
- Use caution when clicking on links to websites
- Leverage CTTS’s proactive IT support with Managed Services
CTTS Managed Services is a preventive model versus an emergency break-fix model. With your systems being monitored 24 hours a day, 365 days a year, we are alerted to the problem and can begin resolving it immediately. These cutting-edge services save your business downtime and money.
By continually monitoring your critical Network Servers, Desktops, Network Devices and Critical Business Applications, these Managed Services ensure uninterrupted availability. All of our remote support services are included in one flat, low monthly fee. That means that you can receive all of the following services:
- Antivirus Software, Removal and Management
- Spyware Software, Removal and Management
- Microsoft Security Patch Management and Deployment
- Hardware and Software Asset Tracking
- Hardware Monitoring
- Automatic Removal of Temporary files
- Executive Reports Emailed Monthly
- Much, much more… at a constant monthly flat fee
We have affordable options available for both large enterprise operations and home-based businesses.
If you have any questions or would like assistance protecting yourself from this threat please email or call us right away.












Hey Josh,
Thanks for the heads-up. I’ll keep an eye out. I pray blessings on you, your family and your business.
Sincerely,
Chris Johnson
Jubilee World Missions
Hey Chris, Thanks for the kind words and prayers! Having the opportunity to work with great people like you makes it easy. I hope our website and services can help keep you informed, secure and productive.