ABA Used as Lure in Malware Spam
The American Bankers Association is the latest group to be used by hackers to try and spread malware.Other well-known names in the industry have been used as bait in phishing emails, including the FDIC, US Treasury, Internal Revenue Service and many financial institutions. The ABA issued an alert to its members.
The M86 Security blog first reported on Jan. 26 that the nation's largest banking association's name was being used by the Pushdo/Cutwail/Zeus gang to lure people who received emails that appeared to come from the ABA. If the person clicked on the email's embedded link, it took them to a page that appeared to be on the ABA website that says an unauthorized transaction was billed to their bank card.
"As with previous campaigns by this group, an IFrame on this page delivers exploits from the FSPACK exploit kit," M86 Security says. "When we visited this page in our lab using the Firefox browser, we were prompted to download a PDF file."
If the file was opened with a vulnerable version of Adobe Reader, M86 Security says its test machine would have been infected with Zeus. They warn that the FSPACK also exploits several vulnerabilities in Internet Explorer and Adobe Flash.