Dropbox hits back at Zeus phishers

22 Oct 2013

Dropbox has hit back at the hackers behind a recent phishing campaign designed to infect its users with Zeus-family malware, taking action to disrupt the campaign.

The new Zeus campaign was uncovered by cloud security provider AppRiver, which reported discovering a bogus password reset email targeting Dropbox customers. The email messages contained a malicious link to a Dropbox file that, when clicked, infected the victim's machine with Zeus-family malware.

Following its discovery, a Dropbox spokesperson told V3 that the company is aware of the scam and has already investigated and taken action to disrupt the attack.

"This is similar to other email spam campaigns that have spoofed well-known brands to distribute malware. We've investigated and taken action to disrupt this campaign," read the statement.

The spokesperson said users should remain extra vigilant and double check the origin of any email claiming to be from Dropbox before opening it.

"In addition, we urge people to exercise caution with unexpected emails. For example, check the destination of links in emails before clicking on them, verify the email directly with the sender's actual website or support channels, and use up-to-date antivirus software."

At the time of publishing Dropbox had not responded to V3's request for more detail on the specific action it has taken to combat the phishing campaign.

F-Secure security analyst Sean Sullivan said Dropbox was probably trying to flush the malicious files from its systems. "The phishing campaign emails point to Dropbox files, hosted on compromised accounts - or else to accounts set up deliberately by the spammers. I'm sure the Dropbox folks are analysing the IP addresses associated with logins, and are killing other fake accounts set up from the same sources," he said.

"If it looks like the accounts were compromised, their network guys are probably trying to develop some pattern ‘signatures' that would alert them to new phishing-like activity, which would then trigger an account suspension. Outside of that it's a game of whack-a-mole. They could report the phishers' IP addresses to local CERT teams - but there would be little to follow up on as they are almost certainly proxies."

Trend Micro security research vice president Rik Ferguson added that stopping phishing in the first place is almost impossible and that major online firms just have to react as best they can.

"It seems this is just them [Dropbox] saying ‘we've heard that some spam is doing the rounds, abusing the Dropbox brand, distributing malware, don't click it'. To be honest, any company is a victim or a potential victim of this kind of abuse - it's the price of fame," he told V3.

Security firm Kaspersky Lab estimates hackers are hitting the UK with an average of 3,000 phishing messages every day. UK law enforcement has mounted a series of ongoing anti-cyber crime campaigns to help combat the scams. Earlier in October an investigation led by the UK's National Crime Agency resulted in the arrest of a cyber criminal responsible for a £750,000 plot to defraud the financial sector.

Alastair Stevenson
Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.
