Zeus Variants Attacking Citrix Users
Security company Trusteer has uncovered new code inside some Zeus files that attempts to infect Citrix Virtual Private Network appliances in order to gather their data.
According to Amit Klein, chief technology officer and head of research at Trusteer, the most recent Zeus strains specifically targeted banks that used Citrix for office staff as well as for accessing branch offices. The Trojan was configured to capture a screenshot of the text near the mouse pointer whenever the user clicked while "Citrix" appeared in the Web browser's address bar, Klein elaborated. V3.co.uk reported this on November 16, 2010.
Commenting on the latest attack, Klein stated that Zeus quietly captured account information and passwords from people who held bank accounts and then used them to carry out illegal money transfers. Global Security Mag reported this on November 16, 2010.
Klein further explained the risk by stating that Zeus was attempting to steal the login credentials of Citrix Access Gateway users. Citrix Access Gateway was a Secure Sockets Layer (SSL) VPN solution that enterprises used to provide remote access to data and applications on their networks. By getting into the gateway, however, cyber-criminals were also potentially able to access any of the organization's data. FinanceTech reported this on November 16, 2010.
According to Trusteer, the exploit was clear proof that Zeus was increasingly attacking businesses, and in particular remote-access connections to protected networks.
The company therefore suggests that banks adopt the following best practices to prevent such attacks: restricting VPN access to particular users and software; keeping anti-malware software up to date, particularly on remote tools; using a protected Web browser to safeguard VPN connections; and making workers security-conscious.
Nevertheless, according to Klein, home users possibly remain far more exposed to botnets than users in offices. Still, corporate networks aren't impermeable, since workers may be free to browse the Web.
Worryingly, the risk is growing because the malware is easy to operate and earlier versions are available at little or no cost. McAfee also recently gave a demonstration showing how easily malware botnets could be built and deployed.
» SPAMfighter News - 24-11-2010