All the latest UK technology news, reviews and analysis


Dropbox hits back at Zeus phishers

22 Oct 2013
dropbox-ipad

Dropbox has hit back at the hackers behind a recent phishing campaign designed to infect its users with a Zeus-family malware by trying to disrupt their campaign.

The new Zeus campaign was uncovered by cloud security provider Appriver, which reported discovering a bogus password reset email targeting Dropbox customers. The email messages contained a malicious link to a Dropbox file that, when clicked, infects the victim's machine with a Zeus-family malware.

Following its discovery, a Dropbox spokesperson told V3 that the company is aware of the scam and has already investigated and taken action to disrupt the attack.

"This is similar to other email spam campaigns that have spoofed well-known brands to distribute malware. We've investigated and taken action to disrupt this campaign," read the statement.

The spokesperson said users should remain extra vigilant and double check the origin of any email claiming to be from Dropbox before opening it.

"In addition, we urge people to exercise caution with unexpected emails. For example, check the destination of links in emails before clicking on them, verify the email directly with the sender's actual website or support channels, and use up-to-date antivirus software."

At the time of publishing Dropbox had not responded to V3's request for more detail on the specific action it has taken to combat the phishing campaign.

F-Secure security analyst Sean Sullivan said Dropbox was probably trying to flush the malicious files from its systems. "The phishing campaign emails point to Dropbox files, hosted on compromised accounts - or else to accounts set up deliberately by the spammers. I'm sure the Dropbox folks are analysing the IP addresses associated with logins, and are killing other fake accounts set up from the same sources," he said.

"If it looks like the accounts were compromised, their network guys are probably trying to develop some pattern ‘signatures' that would alert them to new phishing-like activity, which would then trigger an account suspension. Outside of that it's a game of whack-a-mole. They could report the phishers' IP addresses to local CERT teams - but there would be little to follow up on as they are almost certainly proxies."

Trend Micro security research vice president Rik Ferguson added that the ability to stop phishing in the first place is almost impossible and that major online firms have to just react as best they can.

"It seems this is just them [Dropbox] saying ‘we've heard that some spam is doing the rounds, abusing the Dropbox brand, distributing malware, don't click it'. To be honest, any company is a victim or a potential victim of this kind of abuse - it's the price of fame," he told V3.

Security firm Kaspersky Lab estimates hackers are hitting the UK with an average of 3,000 phishing messages every day. UK law enforcement has mounted a series of ongoing anti-cyber crime campaigns to help combat the scams. Earlier in October an investigation led by the UK's National Crime Agency resulted in the arrest of a cyber criminal responsible for a £750,000 plot to defraud the financial sector.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Alastair Stevenson
About

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.

View Alastair's Google+ profile

More on Security
What do you think?
blog comments powered by Disqus
Poll

Green IT poll

How important is it to your business that a cloud provider uses renewable energy like solar or wind to power their data centres?
21%
6%
3%
2%
68%

Popular Threads

Powered by Disqus
Galaxy S5 vs Nexus 5 head to head review front

Galaxy S5 vs Nexus 5 video review

We compare Samsung and Google's top devices

Updating your subscription status Loading
Newsletters

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button
hpv3may

Getting started with virtualisation

Virtualisation can help you reduce costs, improve application availability, and simplify IT
management. However, getting started can be challenging

ibmv3may

Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

Head of IT Service Management

Head of IT Service Management Annual Salary of up...

Head of IT Projects

Head of IT Projects Annual Salary: Up to £48,153...

Assistant IT Director

Assistant IT Director Annual Salary: Up to £74,954...

Peer Support Co-ordinator

Peer Support Co-ordinator (Part-time 0.6FTE...
To send to more than one email address, simply separate each address with a comma.