Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Consider this the flight to nowhere.
Researchers have discovered a variant of the Zeus banking trojan circulating in emails that offer recipients a link to check in to a US Airways flight. Except this flight doesn't exist: It's a con to get unsuspecting users to install malware.
Dmitry Tarakanov, a Kaspersky Lab researcher, said in a blog post Tuesday that the attacks were detected on March 20 and remained consistent for at least a week.
The criminals behind the spam campaign are targeting travelers on US Airways flights by trying to lure them into clicking on a link supposedly offering "online reservation details," which includes check-in.
According to the blog post, several uniquely crafted emails were part of the campaign, but no matter their make-up, once a user clicks on the link contained within them, their computers are met with a number of redirects that lead to malicious code delivered via the Blackhole exploit kit.
The attacks take advantage of vulnerabilities in popular software -- either Java, Flash Player or Adobe Reader -- and ultimately result in a downloader installing the pernicious Zeus, or Zbot, trojan.
An undisclosed number of attacks have been reported by Kaspersky users in Russia, the United States, Italy, Germany and India.
A company spokesperson could not be reached for comment. A US Airways representative also could not be reached.
This article originally appeared at scmagazineus.com
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.
