New Version of Zeus Malware Evades Detection

Bank-credential-stealing malware Zeus receives an upgrade from hackers, making it undetectable by malware scanners.

A new version of the infamous Zeus malware has been discovered by experts at Malcovery Security. The malware was found attached as a .zip file to spam emails which took on the appearance of legitimate organizations such as ADP, Better Business Bureau, and the British tax authority HMRC.

When downloaded and unpacked, a small application called UPATRE downloads a .enc file used to decrypt a file called GameOver Zeus. Because this files has an extension of .enc and not .exe, malware scanners are having a difficult time flagging it as malicious because technically, it isn’t malware.

Security experts advise administrators to look over their logs for the .enc file extension on any downloaded files.


Original article by Jeremy Kirk.
Read the full story here.

To see more content like this in your inbox, sign up for our newsletter here!

Related Posts

The Magnificent Seven 2023

Seven Trends . . . …that small bank Information Security Officers face in 2023 Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Welcome t...

“Keep Systems Updated” – Awareness Poster (Re-Release)

Another awareness poster for YOUR customers (and users). Now that we have our own employees aware, maybe it’s time to start posting content for our customers!Check out posters.infotex.com for th...