Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

New Variant of Zeus Contains Valid Digital Certificate - Comodo

Security researchers of security firm Comodo have identified a new version of the infamous banking Trojan namely Zeus which is signed with a valid digital certificate making it more difficult to trace and remove.

More than 200 customers of Comodo have been targeted with this threat.

Scmagazineuk.com published a report on 4th April, 2014 quoting Kevin Judge, blogger with Comodo, as saying "the variant of Zeus camouflages itself as an IE (Internet Explorer) document that is served via a webpage or a phishing email and downloads data-embezzling malware concealed by a rootkit component. It tries to steal credentials about login, credit card and other information which user keys in".

Judge said that the IE file deactivates the user, web-browsers and AV systems because it is digitally signed with an official certificate issued to 'isonet ag" making it appear authentic at first glance.

He explained: Zeus versions have been around for many years and if it is with an authentic digital certificate, then a browser will not exhibit warning message and even AV systems may not take action or may give inferior levels of warning. Malware having an authentic digital signature is tremendously dangerous because it guarantees browsers and AV systems about its legitimacy without a threat.

Essentially Zeus launches an assault when an individual visits an online banking site as it allows hackers to generate a remote session where they (hackers) can see what the victim is doing and clandestinely intercept all information from the activity.

For example, when the victim transfers funds on a banking site, the payment information will be displayed and the hackers will alter the transactions behind the landscape and drive the money to another account.

In December 2013, Kaspersky Lab discovered a 64-bit version of Zeus indicating the preparation by cybercriminals for stirring away from older 32-bit architectures in the software industry.

Comodo says that finally an increase in the trend of signed virus has been seen. Users of Windows are advised to install good AV software and configure the firewall to maximize the security of their PCs. Also, never open any links sent to you with emails from unfamiliar sources.

ยป SPAMfighter News - 4/12/2014

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next