TechBlog

Security News? Just a few clicks away

Tag Archives: ZBot

A ZBot trojan variant in emails pretending to come from DHL

We all thought that the days of ZBot trojan are long gone, but maybe it was only our hope and not the reality. We have started to detect in an aggressive spam campaign with emails pretending to come from DHL, … Continue reading

Fake Certificate in Malware – with Message

The malware authors every now and then send us virus researchers some messages. For example in the compiled binary itself, or as debug output. Now we found a Zbot Trojan variant which tries to evade detection by carrying a digital … Continue reading

Malware signed with fake Avira Certificate

While analyzing new malware samples we stumbled over a sample which contains a digital Avira signature. Something we need to check! Viewing the properties of the digital signature, Microsoft Windows shows a note “A certificate chain processed, but terminated in … Continue reading

Kneber-Botnet – something new?

The news spreads on the net that a new, giant botnet has been detected, named “Kneber”. It seems to have hijacked more than 75,000 PCs world-wide, also in companies and government nets. Upon closer investigation it turns out that the … Continue reading

ZeuS-Botnet: Command&Control in the Cloud

The ZeuS Tracker project stumbled upon a ZBot variant which used Amazons Cloud hosting service EC2 as Command&Control (C&C) server. ZBot is a widespread trojan which can spy on online banking credentials and steals other login information. It gets sold … Continue reading