Bank-credential-stealing malware Zeus receives an upgrade from hackers, making it undetectable by malware scanners.
A new version of the infamous Zeus malware has been discovered by experts at Malcovery Security. The malware was found attached as a .zip file to spam emails which took on the appearance of legitimate organizations such as ADP, Better Business Bureau, and the British tax authority HMRC.
When downloaded and unpacked, a small application called UPATRE downloads a .enc file used to decrypt a file called GameOver Zeus. Because this files has an extension of .enc and not .exe, malware scanners are having a difficult time flagging it as malicious because technically, it isn’t malware.
Security experts advise administrators to look over their logs for the .enc file extension on any downloaded files.
Original article by Jeremy Kirk.
Read the full story here.