Zeus Trojan Target People Via MasterCard & Visa security programs
The Zeus banking Trojan is now using a new trick of emerging as fake "MasterCard SecureCode Security" or "Verified by Visa" programs on infected computers.
As per the security researchers, it has been recently observed that the Trojan attacks banking customers by exhibiting a fake "Verified by Visa" enrollment screen, or its MasterCard counterpart SecureCode. It attempts to attract customers into fraud online enrollment action that would ultimately expose their sensitive financial data to cyber criminals.
Commenting on the issue, Mickey Boodaei, CEO of Trusteer, said that when customer log into the bank account, it displayed that the user had to register for "Verified by Visa" because it was regulated now. This notification made the software seemed particularly developed for the use by banks and their customers to prevent malware, as reported by NETWORKWORLD on July 14, 2010.
Boodaei added that this new attack with completely bogus Verified by Visa and MasterCard SecureCode was intended to trick banking customers so that their personal verification numbers, Social Security number, credit and debit card number and other details could be traced easily.
The Zeus botnet is used by the criminal organizations to infect computer systems. After infecting PCs, it waits until the victim log into the list of targeted banks or financial organizations. Afterwards, it uses different tricks to steal personal information and carry out illegal funds transfers.
The Zeus botnet has emerged as one of the most hazardous botnets in the history because it has been used to commit many targeted crimes. This botnet also provides an ease to the attackers to commit crimes.
Zeus was initially developed to target web credentials for financial organizations only, but now it can also be configured to search for credentials for stock brokerages, 401ks and other categories of websites like social networking and shopping websites.
In addition, the Trojan steals credentials and transmits data back to the controllers through botnet network. Afterwards, the criminals log into the accounts and transfer money via ACH transactions out of the accounts to money mules.
Zeus has been propagating its payloads in different manners, and the method used for exploitation mainly depends on the version of Zeus and alternatives chosen by the attacker.
Related article: Zeus Trojan Stole Huge Amount of Information
» SPAMfighter News - 27-07-2010