ZLoader malware returns as a coronavirus phishing scam

Hackers have used ZLoader in 100 email campaigns in 2020

Data on screen, viewed by shadowy hacker

It appears that banking malware ZLoader has returned to the scene. As reported by Cyware, hackers have distributed the malware as part of a coronavirus-related phishing scam and has reportedly been spotted in over 100 email campaigns since the start of this year. According to Cyware, the malware is still under active development with new variants of the code continuing to pop up too. 

Advertisement - Article continues below

By borrowing select functions from Zeus, the ZLoader malware has successfully stolen data from banking customers across various continents. In the past, threat actors behind ZLoader malware have set their sights on Canadian organizations. This year, though, the group seems to have changed course and seems to be trying to dupe users in the U.S., Germany, Poland and Australia too. The group has done so by leveraging coronavirus-related phishing scams.

In March, FireEye reported fraudulent emails using coronavirus-related prevention tips, testing and invoices to dupe users into distributing the ZLoader banking malware. Then, in April, an email campaign was spread by password-protected Excel sheets accompanied by a message that a family member, colleague or neighbor of the user had recently contacted the virus. The emails also claimed to provide coronavirus-testing-related information. 

Earlier this month, Bleeping Computer reported that several malspam campaigns from multiple threat actors had started using PDF files linking to a Microsoft Word document laced with a macro code designed to download and run ZLoader.

Advertisement - Article continues below
Advertisement - Article continues below

Fortunately, users can protect themselves from ZLoader malware. To do so, avoid opening attachments or accessing links you’ve received from suspicious or otherwise unknown email addresses. Users should also avoid using third-party or P2P websites to download or update software. Anti-malware software can also be particularly helpful, as can changing passwords connected to financial accounts on a frequent basis.

Featured Resources

Preparing for long-term remote working after COVID-19

Learn how to safely and securely enable your remote workforce

Download now

Cloud vs on-premise storage: What’s right for you?

Key considerations driving document storage decisions for businesses

Download now

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Transforming productivity

Solutions that facilitate work at full speed

Download now


ethical hacking

Mobile banking apps are exposing user data to attackers

26 Jun 2020

Most malware came through HTTPS connections in Q1 2020

25 Jun 2020

Phishing attacks target unsuspecting Wells Fargo customers

24 Jun 2020

Trump administration wants to enhance the security of .gov sites

24 Jun 2020

Most Popular

Business operations

Nvidia overtakes Intel as most valuable US chipmaker

9 Jul 2020

How to find RAM speed, size and type

24 Jun 2020

Is it time to put Intel Outside?

10 Jul 2020