A new malicious campaign is targeting customers of the major US financial institution Bank of America.
According to AppRiver, it has caught and blocked a set of virus campaigns over the past month that use “new and novel tactics” designed specifically to beat filtering engines.
It said that one common component is that enormous volumes of traffic are sent to data centres, with peaks reaching three or four times normal network traffic. The spikes are driven by a tremendous increase in the number of incoming messages being sent with viruses attached.
It said that during a recent spike it processed ten to 12 times its normal traffic and that, once its systems had blocked the messages, its analyst team discovered they were designed to deliver a new Bank of America Trojan.
However, due to the sheer volume of the traffic, some users experienced delays in sending and receiving mail. The Trojan that was detected downloaded the Bredo virus, the main goal of which is to steal information, such as banking info, or to record keystrokes.
The message is a standard phishing message that warns of “irregular activity on the users machine”. AppRiver said that the software may also be able to further infect a system by downloading more malware onto the machine.
Running the message through a variety of virus scanners showed that only 11 of 51 anti-virus vendors were classifying it as malware.