The Websense Security Labs has revealed that a Zbot Trojan campaign is spreading through emails which connect the PC to a nasty remote server in China. Around 2,200 messages have been reported till date.
Zbot commonly referred as Zeus steals the information about confidential data from every infected computer.
It makes use of malicious PDF file that consists of the threat as an attachment which when opened asks to save a PDF file called Royal_Mail_Delivery_Notice.pdf. The recipient saves it in personal computer believing it to be general file which is actually a file with virus that takes control over the computer.
The Zbot Trojan makes a subdirectory under %SYSTEM32% with name as “lowsec” and drops the “local.ds” and “user.ds” files that are configuration files for the virus. It also drops an executable “sdra64.exe” and modifies the registry entry “%SOFTWARE%\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit” to launch itself during system startup. While running, it inputs the malicious code into the Winlogon.exe instance in memory connecting to the remote sever in China using an IP address of 59.44.[removed].[removed]:6010.
So update the anti-virus in your PC so as to keep it Trojan free.
Gary Marsh to Exit as Disney Branded Television President,
‘The Many Saints of Newark’ Magical and Burdensome, Reviews
‘Shang-Chi’ Adds $21 Million as Box Office Slows Down
‘The Eyes of Tammy Faye,’ ‘The Card Counter’ Revive Indie
‘Trust Me, You Don’t Want This’
Celebrities6 years ago
TV Query: Can ‘Lucifer’s’ Tom Ellis play the piano in real life?
Movies News6 years ago
Aubrey O'Day Reveals Pauly D Has His Penis Pierced: ''We've Been Having Rea…
Celebrities7 years ago
Chantel Jeffries In A Thong Bikini At The Beach In Miami
Celebrities5 years ago
‘Vikings’: Who’s the man with one eye? We know the answer