another approach?

Discussion in 'Computer Security' started by kreepz, Sep 10, 2008.

  1. kreepz

    kreepz Guest

    went to my hotmail account to check my email and found the following
    email....



    Hello! Attention! The wire sent to Vladimir Kirkorov, Moscow, Russia has
    been blocked by our security service. Your credit card issuing bank has
    halted the transaction by the demand of the Federal Criminal Investigation
    Service (case No. 20721 since the recipient has been undergoing the
    international retrieval by the InterPol. Please contact the closest Western
    Union office and make sure you have your ID card, the credit card that was
    used for making the payment, and the invoice file with you. (The invoice
    file is attached to this message; please print it out and hand it to our
    agent.) You can find the address of the closest Western Union agent on our
    website at http://www.westernunion.com Thank you!attached:MTCN.zip 56.kb
    which was detected: Trojan program Trojan-Spy.Win32.Zbot.ero anyone have any
    info on it? google only returns 4 results but no information about it.
     
    kreepz, Sep 10, 2008
    #1
    1. Advertising

  2. kreepz

    Ari Guest

    On Wed, 10 Sep 2008 09:29:09 -0700, kreepz wrote:

    > Thank you!attached:MTCN.zip 56.kb
    > which was detected: Trojan program Trojan-Spy.Win32.Zbot.ero anyone have any
    > info on it? google only returns 4 results but no information about it.


    http://scanner.virus.org/
     
    Ari, Sep 10, 2008
    #2
    1. Advertising

  3. kreepz

    Duh_OZ Guest

    Ahh, the good old Zbots. I've had many 'hooks' associated with them,
    latest was about some plane ticket I bought.

    Not too pleased as NOD32 missed a few ;-(

    And no I wasn't infected, but did submit the obvious infected .exe's
    to virustotal and any missed ones directly to Eset (zipped, and
    password protected with infected).
     
    Duh_OZ, Sep 11, 2008
    #3
  4. kreepz

    Discovery Guest

    so funny~~American...Too Smart..
    "kreepz" <(remove" _-" to reply)> дÈëÏûÏ¢ÐÂÎÅ:yBSxk.12916$...
    > went to my hotmail account to check my email and found the following
    > email....
    >
    >
    >
    > Hello! Attention! The wire sent to Vladimir Kirkorov, Moscow, Russia has
    > been blocked by our security service. Your credit card issuing bank has
    > halted the transaction by the demand of the Federal Criminal Investigation
    > Service (case No. 20721 since the recipient has been undergoing the
    > international retrieval by the InterPol. Please contact the closest
    > Western Union office and make sure you have your ID card, the credit card
    > that was used for making the payment, and the invoice file with you. (The
    > invoice file is attached to this message; please print it out and hand it
    > to our agent.) You can find the address of the closest Western Union agent
    > on our website at http://www.westernunion.com Thank you!attached:MTCN.zip
    > 56.kb which was detected: Trojan program Trojan-Spy.Win32.Zbot.ero anyone
    > have any info on it? google only returns 4 results but no information
    > about it.
    >
    >
     
    Discovery, Sep 11, 2008
    #4
  5. kreepz

    kreepz Guest

    thanx for the info and feedback ipw! it is very much appreciated.


    "1PW" <> wrote in message
    news:D...
    > On 09/10/2008 09:29 AM, kreepz sent:
    >> went to my hotmail account to check my email and found the following
    >> email....
    >>
    >>
    >>
    >> Hello! Attention! The wire sent to Vladimir Kirkorov, Moscow, Russia has
    >> been blocked by our security service. Your credit card issuing bank has
    >> halted the transaction by the demand of the Federal Criminal
    >> Investigation
    >> Service (case No. 20721 since the recipient has been undergoing the
    >> international retrieval by the InterPol. Please contact the closest
    >> Western
    >> Union office and make sure you have your ID card, the credit card that
    >> was
    >> used for making the payment, and the invoice file with you. (The invoice
    >> file is attached to this message; please print it out and hand it to our
    >> agent.) You can find the address of the closest Western Union agent on
    >> our
    >> website at http://www.westernunion.com Thank you!attached:MTCN.zip 56.kb
    >> which was detected: Trojan program Trojan-Spy.Win32.Zbot.ero anyone have
    >> any
    >> info on it? google only returns 4 results but no information about it.
    >>
    >>

    >
    > Hello:
    >
    > If you have downloaded attachment, you might consider sending it to:
    >
    > <http://www.virustotal.com/>
    >
    > but do not open it. After sending the suspected attachment to the
    > above, delete it.
    >
    > If you have *not* downloaded the attachment, no harm will come to you,
    > but delete it from your hotmail account.
    >
    > If you have no knowledge of the transaction, and you do have a credit
    > card, you would do well to contact your credit card issuer for
    > validation of recent charges. If the credit card issuer, and you, agree
    > that no fraudulent charges have been made against your account, consider
    > the email to be a phishing scam with an added nasty payload. If a
    > suspected fraudulent charge has been made, challenge it immediately
    > with the credit card issuer.
    >
    > The malware, you describe above, seems to be only a few days in the
    > wild. However, it may be a variant of a similar one.
    >
    > While all this is fresh in your memory, check your system for good
    > protection on all fronts. After checking their update status, perhaps a
    > full system scan, using all your protection applications, is in order.
    >
    > Thank you kindly for this informative posting. Please reply with a post
    > as to your results so others may benefit.
    >
    > Best wishes to you
    >
    > --
    > 1PW
    >
    > @?6A62?FEH9:DE=6o2@=]4@> [r4o7t]
     
    kreepz, Sep 18, 2008
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?R2F2aW4=?=

    Core Exams - Best approach to take?

    =?Utf-8?B?R2F2aW4=?=, Jan 30, 2006, in forum: MCSE
    Replies:
    1
    Views:
    435
    =?Utf-8?B?cm9iZXJ0ZC4=?=
    Feb 2, 2006
  2. Stefaan Meeuws

    how to identify/approach a discovered wlan (i want to pay)

    Stefaan Meeuws, Apr 27, 2006, in forum: Wireless Networking
    Replies:
    4
    Views:
    576
  3. gangle

    A new approach by spammers

    gangle, Jan 20, 2004, in forum: Computer Support
    Replies:
    10
    Views:
    665
    Black Baptist
    Feb 7, 2004
  4. Susie Wong

    Wonderful new singer with a fresh new approach.

    Susie Wong, Jan 30, 2004, in forum: Computer Support
    Replies:
    21
    Views:
    929
    Stan Gosnell
    Feb 6, 2004
  5. Jacques Clouseau

    help! -- recovery of data in Lotus Approach

    Jacques Clouseau, May 7, 2004, in forum: Computer Support
    Replies:
    10
    Views:
    1,382
    Jacques Clouseau
    May 9, 2004
Loading...

Share This Page