Credit Unions Cautioned against Banking Trojan Zeus
According to a warning released by Credit Union Information Security Professionals Association (CUISPA), several credit unions have been hit by the Zbot or Zeus Trojan, which eludes majority of antivirus defenses so it can seize the Internet banking credentials.
Kelly Dowell, Executive Director of CUISPA, states that the problem becomes evident when a member suspected extra web-pages asking for information, according to a CUISPA press release on January 12, 2010.
Describing Zbot, CUISPA states that it is essentially a nasty malicious program. After it infects a system, it remains inactive till the user enters his login credentials for online banking. It displays a message box which directs the user that he should confirm his login details via submitting his credit card details. Once these information pieces are gathered, the Trojan transmits them to the remote hackers.
Dowell said that the vital thing to comprehend was that a mere visit to the page caused damage to the user. Thus, if the attackers compromised the users' credentials, he should immediately get his credentials changed, and erase all software to re-install them on his system. The Internet banking Trojan was especially dangerous because it was difficult to detect, Dowell added, as reported by Credit Union Times on January 12, 2010.
According to the CUISPA officials, Zbot/Zeus is horrible in the way it evolves. This malware utilizes a rootkit so that it can successfully conceal itself on a consumer's or an organization's computer. The Zeus variants have been known to circumvent strong authentication and to introduce fake transfer queries. Incidentally, the latest attack resembles the one that was responsible for the 'Automated Clearing House' scam.
During November 2009, the security company M86 identified that Zbot attacked NACHA (National Automated Clearing House Association). In that attack, if anyone clicked on a given web-link, he was led to a bogus NACHA page, which in turn produced an executable file link to deliver Zeus.
To remain safe from Trojan Zbot, users are recommended that they should deploy high quality firewalls and updated antivirus software.
» SPAMfighter News - 23-01-2010