Analizzato da: Fjordan Allego

HSBC customers, and online banking users in general, are targets of phishing and online banking scams always. The spammed message we have seen targeting HSBC users poses as a reply to a supposedly earlier mail request from the recipient. The payment advice that is being referred to in the mail is an attachment, which Trend Micro detects as TROJ_UPATRE.YYSK.

Extracting the attachment leads the unsuspecting user to a file named CashPro, which looks like a PDF file. However, upon further checking, the attachment is actually the UPATRE malware. UPATRE is known to gather computer information. It is also known to download/be distributed with information theft malware such as ZBOT and DYRE.

Trend Micro products effectively blocks this malicious spam and its attachment.

 Data/ora di blocco Spam: : 06 febbraio 2015 GMT-8
 TMASE
  • Motore TMASE: :7.5
  • Patrón TMASE: :1308

Minacce informatiche correlate