Massive Spam Campaign Masquerades As Failed Wire Transfer

Graphics hosted by Federal Reserve bear the password-stealing Zeus Trojan

A new spam campaign is delivering hundreds of thousands of messages that masquerade as a failed wire transfer but deliver the password-stealing Zeus banking Trojan, researchers say.
The gangs that distribute variants of this malware are especially interested in banking credentials belonging to small businesses and government agencies, researchers from Barracuda Networks said in a
blog
on Wednesday.
Compared to the average consumer, these entities often have more money in their accounts and set higher limits on wire transfers, the researchers said. One thing small organizations don’t always realize is that they do not enjoy the same protections against fraudulent transactions that consumers do.
The spams use graphics hosted by the Federal Reserve, according to the blog. Much like last weeks Chase Paymentech spam campaign, these notices are of particular interest to financial professionals, it says. Unlike the more sophisticated Chase emails, these are a simple affair with poorly constructed text and no attempt at hiding the executable nature of the linked payload.
The spammers try to hide the malware behind a double extension of .pdf.exe, but there is no PDF, the researchers warn. If it is downloaded, the Trojan will run quietly in the background, intercepting browser traffic, watching for credentials, and sending anything it finds to its command-and-control server.
Have a comment on this story? Please click Comment below. If youd like to contact
Dark Readings
editors directly,
send us a message
.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Massive Spam Campaign Masquerades As Failed Wire Transfer