88% of Companies Infected on Account of Zeus Botnet Activities
According to an RSA study released on April 14, 2010, around 88% of the Fortune 500 firms in the US might have been hijacked by the Zeus Trojan.
Zeus, also called Zbot, lowers security settings and drops files on the compromised system. Trojan.Zbot is crafted to open a large security hole through which further adware and spyware can be installed on an infected system. Trojan.Zbot also opens a backdoor that lets a remote attacker gain control of the infected system, which threatens the financial or banking details stored on it and represents a major security risk.
Sean Brady, Manager of the Identity Protection and Verification Group at RSA, the Security Division of EMC, stated that RSA's FraudAction Anti-Trojan services examined data that Zeus stole from infected systems in August 2009 and traced the evidence back to e-mail addresses and IP addresses belonging to the firms, according to a report published by CNET News on April 14, 2010.
The stolen data, found on the websites where compromised systems drop what they have captured, included compromised e-mail addresses from nearly 60% of the companies. The report states that firms with fewer than 75,000 employees seem to have the highest ratio of botnet activity and compromised e-mail addresses to employee count.
The scale of Zeus's spread was also shown by a February 2010 study from the security firm NetWitness, according to which over 74,000 systems at around 2,500 firms around the world, including 374 US-based companies, were hacked over the last one and a half years. These systems were hijacked in a botnet infestation designed to steal login information for bank websites, e-mail systems and social networking sites. The systems were infected with the Zeus Trojan, and the botnet was dubbed 'Kneber'.
Finally, in light of the latest RSA findings and the NetWitness study, it is crucial for firms to continuously check their internal security measures so that when a security breach due to malware occurs, the firm can recognize it and take action before any confidential data is stolen.
» SPAMfighter News - 26-04-2010