Zbot Targets Major Banks Across the World

At Virus Bulletin, we presented on some of the nastiest families of 2009, and zbot was one of them. Early Sunday morning was the first that the ThreatFire community started seeing a newer variant of the banking password stealing family “Zbot” in fairly high prevalence, served on a system hosted in Sweden ( This variant is interesting in that it indiscriminately targets banks all over the world — the U.S., Germany, Italy, Spain, Russia, England, Ireland, etc. (the ThreatExpert report lists the banking sites here), but the users being attacked appear to be concentrated within the U.S. for now.

As always, be sure to update third party plugins (like flash players and pdf readers) in addition to your system software and add a behavioral layer of protection like ThreatFire.

This entry was posted in The Law. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *


You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>