Trojan.Zbot.IAO
Posted: August 29, 2013
Threat Metric
| Threat Level: | 9/10 |
|---|---|
| Infected PCs: | 59 |
| First Seen: | August 29, 2013 |
| OS(es) Affected: | Windows |
Trojan.Zbot.IAO is a variant of the banking Trojan Zeus that steals confidential information, especially (but not exclusively) information related to online banking activities. The Trojan.Zbot.IAO variant of Zeus is installed by Trojan.GenericKDV.1210899, a Trojan downloader that uses targeted e-mails to compromise business system PCs. Since these e-mails are designed to look like Xerox document-related messages and Trojan.Zbot.IAO shows no obvious symptoms when it compromises your PC, even determining that Trojan.Zbot.IAO is on your PC in the first place may be difficult without accurate anti-malware tools. Deleting Trojan.Zbot.IAO and Trojan.GenericKDV.1210899, in particular, is a task that SpywareRemove.com malware experts recommend delegating to anti-malware software, especially since Trojan.Zbot.IAO (like other versions of Zeus) is spyware with sophisticated defenses intended to prevent it from being found or removed.
Trojan.Zbot.IAO: a Trojan Attack Starting from a Simple Office Communication
As a regularly updated, well-developed and widely distributed PC threat, the banking Trojan Zeus has seen numerous variants throughout its lifespan, including TSPY_ZBOT.ADD, TSPY_ZBOT.THX and now, Trojan.Zbot.IAO. Like other versions of Zeus, Trojan.Zbot.IAO isn't distributed to random targets, and its criminal administrators appear to be targeting thousands of separate positions in various American companies. These attacks are launched through fake Xerox WorkCentre e-mails that appear to have file attachments of relevant scanned work documents. This disguise includes appropriately forged 'From' fields, subject lines and message bodies.
However, the malicious file attachment is not a direct installer for Trojan.Zbot.IAO. Infected PCs are first attacked by Trojan.GenericKDV.1210899, a Trojan downloader that SpywareRemove.com malware experts examined previously and found to be capable of installing multiple PC threats. Trojan.Zbot.IAO is merely one of the possible types of threats that may be installed by Trojan.GenericKDV.1210899, although Trojan.Zbot.IAO arguably is the greatest security risk of the lot: Trojan.Zbot.IAO targets bank logins, as well as other security information (passwords and login names in particular), to allow criminals to hack into any compromised accounts. These attacks also may include other efforts at compromising the PC, most notably, attempts to spread the threat through any accessible local networks.
Smiting Trojan.Zbot.IAO Before It Can Plunder What Doesn't Belong to It
Trojan.Zbot.IAO attacks are consistent with the overall strategy of previous variants of Zeus: monitor personal information through generic spyware techniques like keylogging and Web browser injection, interfere occasionally to make veiled requests for additional information (usually disguised as requests from a relevant banking institution) and maintain Trojan.Zbot.IAO's presence on your PC passively. Because Trojan.Zbot.IAO is a well-developed high-level PC threat, anti-malware protection may be your only way of finding or removing Trojan.Zbot.IAO. Afterward, SpywareRemove.com malware experts warn that you may need to take additional steps to re-secure any information that already may have been stolen by Trojan.Zbot.IAO.
As always, prevention is the best medicine for threats, and there's no need to learn how to remove Trojan.Zbot.IAO if your PC is never infected at all. Business workers in the US should be especially aware of the recent surge of fraudulent e-mails that lead to Trojan.Zbot.IAO and Trojan.GenericKDV.1210899 infections. These messages should be deleted on sight, and any suspicious attachments always should be scanned with anti-malware tools before they're opened.