ThreatMetrix Disclosed: New Malware Strain of Zeus Poses Threat to Facebook and Gmail Users

ThreatMetrix, an Internet security solutions company recently announced a novel variant of the peer-to-peer version of the Zeus Trojan which puts Facebook and Gmail users at high risk of facing cybercrime.

The swindle that lingered from June to November 2011 had a target of six banks customers in Britain.

It took off with a gush of emails that triggered one into clicking on a link to a forged Facebook login page on the crook's server. The fake website presented a Flash plug-in upgrade for installation that contained software that permit a hacker to manage a compromised machine. Even if a victim declines to take the update, if possible, the page utilized the Black hole kit to identify the computer's security vulnerabilities and utilize them to install electronic malicious.

The bot becomes invisible and downloads the Zeus Trojan for installation once it is set in place. This malware then hinders the victim's online banking transactions and redirect money to mule accounts.

The company said that this malware comes with offers like: "Transferring facebook Credits to your bank account and earn up to 20 percent cash back on purchase of Facebook Credits using your Master or Visa debit card. Link your debit card with your Google Mail account to pay online securely at more than 3,000 stores."

Andreas Baumhof, Chief Technology Officer at ThreatMetrix is perplexed at the plight of these fraud pages and finds place in the pages of social websites, financial institutions, online retailers and payment processors that are at high risk with this particular variant of Zeus Trojan.

According to Baumhof, "Pages contains the branding and messaging typical to each of the industries that are being targeted by the cybercriminals. These messages are also modified with the victim's name. To defend users and customers, all of these industries are required to know the ways in which cybercriminals are sophisticated these days and take proper initiative to prevent these attacks.

Action Fraud, UK's national fraud reporting service warned regular users to check their browser address changes from 'https' to 'http' which indicates loss of secure connection.

On July 3, 2012, software giant Microsoft released the identities of two ringleaders of the Zeus botnet to the US Federal Bureau of Investigation (FBI).

Related article: Threatening Worm Hovers on Google Adsense

» SPAMfighter News - 7/16/2012