Beware! Criminals have rented a large botnet Cutwail to distribute Zeus Trojan

The Anti-Phishing Working Group (APWG) has released its latest report on phishing attacks. According to APWG nowadays the fraudsters prefer not to send the conventional phishing messages but to use a special crimeware which transfer the financial account credentials without participation of the victim. 

Reaserches of APWG from Afilias and Internet Identity found that despite the fact that the Avalanche botnet has launch for conventional spam-based phishing attacks, nowadays it is used to infect users’ PCs with the potent Zeus Trojan, a powerful banking credential-stealing malware. Avalanche has been sending billions of faked messages from tax authorities such as the IRS, false alerts/updates purporting to be from popular social networking sites, and other lures. These lures take victims to drive-by download sites, where the criminals infect vulnerable machines. 

Once a machine is infected, the criminals can remotely access it, steal the personal information stored on it, and intercept passwords and online transactions. The criminals can even log into the victim’s machine to perform online banking transactions. 

According to the authors of report malware distribution is a more effective and profitable tactic than traditional phishing. Moreover the Avalanche criminals recently rented a large botnet called Cutwail to send out massive amounts of spam lures. Those spams led unsuspecting Internet users to Zeus crimeware hosted on the Avalanche botnet. 

The full report is available in an attachment.