Zeus Trojan: Investment Opportunities
A new scam circulated through advertisements on websites of companies such as ESPN, Apple, Forbes, Amazon, CNN, and AOL is nothing but publicity stunt from Zeus family or malware. Trusteer found that there was a recent addition in the Zeus family and they were taken aback at the attempt by the criminals put forward to make the investment scam fruitful.
Trusteer's CTO, Amit Klein, stated that contrast to the other Zeus attacks, this attack is not just about the attack code. It is all about earning through selling the fraud scheme. When attack code seemed to develop to the extent where it can easily imitate real sites and authentic brands, it seems that criminal groups are accumulating investments in terms of marketing communications in order to make their scams more tough to be differentiated from authentic business offerings presented to netizens, as per the reports by The Tech Herald on April 27, 2011.
These attacks have just one objective i.e. to lure users into investing their money through a very persuading and professional looking site, http://ursinvestment.com.
After researching the site, Klein and his team noticed that, after registration, users are urged to upload funds through a bank wire transfer or using Western Union.
Klein claims that the interest rates provided range from a promised 7%, 11.3%, 16% and even 32%. And like the injected code, the site is professionally crafted and user friendly with a simple registration process. It tells the user to enter login and password details. But, it does not enable the user to recover his/her account information.
Klein stated that they have checked WHOIS for information on ursinvestment.com and discovered that records only start on November 3, 2011. But, as per the site, the URS Company has existed since 1995 and is based in the US. Klein stated that we did not find any company behind this site, as per the reports by info security.com on April 27, 2011.
It holds significance that the attacked domains are not hacked, the system of the user is hacked rather, and the ads seem to be infected from the Malware.
Trusteer explained that in a much comparable attack beside the attack on the Yahoo Finance pages, the hackers claimed that URS has formed an affiliation with Yahoo. This version of the scam accounts to a minimum investment of US $1000.
Related article: Zeus Trojan Stole Huge Amount of Information
» SPAMfighter News - 04-05-2011