Spam, Notifying Legal Changes, Thrust Malware; Dynamoo’s Blog

According to Dynamoo's Blog, cyber crooks are spreading one fresh malicious program through e-mail, which contains a file attachment asserting it is one legal document delineating thorough information regarding the latest law modifications related to fraud operations, published softpedia.com dated June 25, 2015.

Also, with signatory's name as Pamela Adams in the said e-mail who poses as chief accountant, it is indicative that rather than individual users, the e-mail campaign aims at businesses.

When installed, the malicious program loads the Upatre installer in the form of gebadof.exe followed with the banker Trojan Dyre or qppwkce.exe. Essentially, a PC that gets contaminated with one is more likely to have the other. This follows the notoriety of the pair during recent months.

From initial examination, it has been found that at most 3 security solutions from VirusTotal were able to detect the two programs.

Lately, the detection has been better, though not considerably, since one sample threat became noticeable with 16 solutions from the total 55, while just 9 engines could detect the other.

Security Blogger Conrad Longmore with Dynamoo's Blog after collecting the malware found that its traffic results were associated with various Internet Protocol addresses within USA, Czechoslovakia, Serbia, Ukraine, Slovakia and Russia, reported blog.dynamoo.com dated June 24, 2015.

Disturbingly, the above kind of spam attacks show that bank info-stealing malicious software, especially the Dyre Trojan, is greatly spreading online.

Trend Micro the security company was first to educe the above observation when through the January-March report it released during the 1st-week of June 2015 the company noted almost 9,000 Dyre contaminations during January-March 2015 compared to 4,000 during October-December 2014.

Symantec another security vendor lately echoed the above observation within its threat report titled "Dyre: Emerging threat on financial fraud landscape" wherein the company discussed about noticing speedy increase in employment of Dyre after the earlier notorious Gameover Zeus banker Trojan was attempted at destabilizing.

In his remark, Global Threat Communications Manager Christopher Budd of Trend Micro states that it is vital for noting how the general trend of increased banking malicious programs is occurring year-after-year. SCMagazine.com reported this dated June 25, 2015.

» SPAMfighter News - 7/3/2015