FedEx Delivers Malware
Posted by: Timothy Weaver on 06/22/2016 09:40 AM [ Comments ]
The hackers are at it again with an email supposedly from FedEx with an attachment that delivers Fareit malware.
Fareit is a malicious file that delivers an information stealer that targets email passwords and browser-stored passwords, as well as FTP credentials.
According to Troy Gill, security researcher at AppRiver, the attachment is supposed to be a shipping notice of a package that was unable to be delivered.
“During our dynamic analysis, we observed all of the above being performed after the malware disabled local security tools,” he said, in a blog. “After scrapping the machine for the before mentioned credentials, it established an outbound connection and pulled down a copy of the ever-popular Zeus Trojan. Once the Zeus infection is in place, the attacker can gather more credentials such as banking information. In addition to having their data stolen, the victim’s machine is also vulnerable to being used to perpetuate more attacks or in future DDoS attacks.”
“The impact from suffering a ransomware attack and finding all of your files have been encrypted will depend greatly on the importance of those files and how well they have been backed up,” he said. “On the other hand, being unknowingly infected with Fareit/Zeus can lead to the theft of your sensitive credentials—which leads to further data theft, credit fraud and even identity theft.”
Express shipping spam has been a favorite of hackers for some time and anyone receiving such a notice should be very wary.
Source: InfoSecurity
According to Troy Gill, security researcher at AppRiver, the attachment is supposed to be a shipping notice of a package that was unable to be delivered.
“During our dynamic analysis, we observed all of the above being performed after the malware disabled local security tools,” he said, in a blog. “After scrapping the machine for the before mentioned credentials, it established an outbound connection and pulled down a copy of the ever-popular Zeus Trojan. Once the Zeus infection is in place, the attacker can gather more credentials such as banking information. In addition to having their data stolen, the victim’s machine is also vulnerable to being used to perpetuate more attacks or in future DDoS attacks.”
“The impact from suffering a ransomware attack and finding all of your files have been encrypted will depend greatly on the importance of those files and how well they have been backed up,” he said. “On the other hand, being unknowingly infected with Fareit/Zeus can lead to the theft of your sensitive credentials—which leads to further data theft, credit fraud and even identity theft.”
Express shipping spam has been a favorite of hackers for some time and anyone receiving such a notice should be very wary.
Source: InfoSecurity
Comments