E-ticket to Malware

As with the recent spate of UPS themed spammed out malware, comes the E-Ticket one.

The idea is the same – “Thanks for using our service blah blah blah ….. here is the attached receipt/invoice”

The messages so far have a subject of “E-Ticket #XXXXXXXXXX” and have the following outline

Thank you for using our new service “Buy flight ticket Online” on our website.
Your account has been created:

Your login: xxxx@yyyyy.zzz
Your password: somepassword

Your credit card has been charged for $474.46.
We would like to remind you that whenever you order tickets on our website you get a discount of 10%!
Attached to this message is the purchase Invoice and the flight ticket.
To use your ticket, simply print it on a color printed, and you are set to take off for the journey!

Kind regards,
Jane Citizen
Some Prominent Airline Company

The attachment is unsurprisingly called eTicket#XXXX.zip, which contains the malware, detected as Troj/Zbot-AE.

If you happen to launch this binary you’ll turn your computer into a willing bot sending your internet bill skywards…

Seems like this flight is grounded.