New Variant of Trojan Zeus Attacks Banks
Researchers at website security company Dasient report that a fresh attack is being launched involving the data-stealing Trojan Zeus, which infects Windows computers.
The new version of Zeus lets cyber criminals know when an infected computer connects to a particular Internet banking website. The malware then displays a bogus website that captures account details and other personal information for theft of funds.
Notably, bank security specialists are well aware of Zeus as probably a highly pernicious Trojan that aims to infect individual PCs in order to carry out malicious activities.
The security researchers state that starting June 2010, Zeus has been executing fresh personalized assaults against certain banks' customers. These banks are Alliance & Leicester and HSBC in the UK, and Citibank in Germany. The banks state that they have adopted measures for protecting their clients.
Although only a handful of banks were attacked, Neil Daswani (Dasient's Co-founder and Chief Technology Officer) stated that this meant all financial institutions needed to be alert, as reported by 'Gadgetwise' on July 13, 2010.
The researchers disclosed that since late 2009, the Zeus botnet had been proliferating through drive-by downloads. The drive-by download had a single objective: to add the infected computer to the Zeus network and wait for further instructions.
When a Zeus-infected PC joins the botnet, it begins keystroke logging to steal the user's banking credentials while he carelessly accesses the home pages of banking sites.
Dasient's researchers have found that Zeus continues to spread through drive-by downloads. It now has one more goal: to distribute phishing toolkits targeted at the financial industry.
Reportedly, criminals have spread the combined Zeus and phishing toolkit drive-by download attack through gate4ads.info, a malicious domain that delivers a malicious iframe.
Preventing the latest Zeus assault can prove tricky. Unlike conventional phishing attacks, this attack uses neither e-mail lures, which anti-spam filters can block, nor Web domains, which can be taken down.
Besides, it is increasingly hard to stop Web-borne infections, since many hacked websites are originally legitimate. Hence, the security specialists suggest keeping all software and Web browsers up to date.
» SPAMfighter News - 28-07-2010