Server Update Scam Distributes Zbot Trojan

For two days now, the Pushdo botnet has been distributing malicious spam intent on causing infections of the Zbot Trojan. This latest campaign pretends to come from a system administrator that asks you to run an executable file disguised as a patch.

The URL format may at first look legitimate since it uses the target's email address as part of the URL in the message body. But please be wary, the link pointing to the executable file is a Zbot Trojan, an information stealing piece of malware.

MailMarshal customers, and WebMarshal 6.5 customers with TRACEnet, are protected from this campaign with the latest updates.