ZLoader malware returns as a coronavirus phishing scam

Hackers have used ZLoader in 100 email campaigns in 2020

It appears that banking malware ZLoader has returned to the scene. As reported by Cyware, hackers have distributed the malware as part of a coronavirus-related phishing scam and has reportedly been spotted in over 100 email campaigns since the start of this year. According to Cyware, the malware is still under active development with new variants of the code continuing to pop up too. 

By borrowing select functions from Zeus, the ZLoader malware has successfully stolen data from banking customers across various continents. In the past, threat actors behind ZLoader malware have set their sights on Canadian organizations. This year, though, the group seems to have changed course and seems to be trying to dupe users in the U.S., Germany, Poland and Australia too. The group has done so by leveraging coronavirus-related phishing scams.

In March, FireEye reported fraudulent emails using coronavirus-related prevention tips, testing and invoices to dupe users into distributing the ZLoader banking malware. Then, in April, an email campaign was spread by password-protected Excel sheets accompanied by a message that a family member, colleague or neighbor of the user had recently contacted the virus. The emails also claimed to provide coronavirus-testing-related information. 

Earlier this month, Bleeping Computer reported that several malspam campaigns from multiple threat actors had started using PDF files linking to a Microsoft Word document laced with a macro code designed to download and run ZLoader.

Fortunately, users can protect themselves from ZLoader malware. To do so, avoid opening attachments or accessing links you’ve received from suspicious or otherwise unknown email addresses. Users should also avoid using third-party or P2P websites to download or update software. Anti-malware software can also be particularly helpful, as can changing passwords connected to financial accounts on a frequent basis.

Featured Resources

Next-generation time series: Forecasting for the real world, not the ideal world

Solve time series problems with AI

Free download

The future of productivity

Driving your business forward with Microsoft Office 365

Free download

How to plan for endpoint security against ever-evolving cyber threats

Safeguard your devices, data, and reputation

Free download

A quantitative comparison of UPS monitoring and servicing approaches across edge environments

Effective UPS fleet management

Free download

Recommended

Microsoft touts new cyber security help for nonprofits
cyber security

Microsoft touts new cyber security help for nonprofits

22 Oct 2021
A quarter of all malicious JavaScript is obfuscated
hacking

A quarter of all malicious JavaScript is obfuscated

20 Oct 2021
Organizations warned of ransomware risk from smaller operators
ransomware

Organizations warned of ransomware risk from smaller operators

19 Oct 2021
Iranian hacking group continues to target US citizens
hacking

Iranian hacking group continues to target US citizens

18 Oct 2021

Most Popular

Best Linux distros 2021
operating systems

Best Linux distros 2021

11 Oct 2021
Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans
Laptops

Apple MacBook Pro 15in vs Dell XPS 15: Clash of the titans

11 Oct 2021
Royal Mint to recover gold from smartphones and laptops in world first
Technology

Royal Mint to recover gold from smartphones and laptops in world first

21 Oct 2021