Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


ZeuS Variant Gameover Hits Job Site Monster.com; F-Secure

F-Secure the security company has warned of the notorious Trojan ZeuS whose Gameover variant is currently disrupting Monster.com the job recruitment website.

According to Sean Sullivan Security Analyst at F-Secure, the attack's strategy has dual phases for compromising users' accounts when they visit the website Thus, to begin hackers plant the Gameover program onto victims' computers and infect the systems. V3 published this dated March 26, 2014.

Sullivan explains that the Gameover is planted via the typical method of lure involving malvertising or spam; bot installer; alternatively exploit toolkit. When planted, the malware seizes credentials like username and password entered onto online forms. This is the first phase of the assault.

The second phase has users tricked into revealing rest of their credentials so the hackers can wholly compromise those users' accounts by means of one fake security verification online form.

Sullivan adds that the form directs the user for choosing and replying to 3 security queries from a total of 18.

As per F-Secure, it's not known what purpose the attack serves, although it's possibly devised for hacking into HR departments' accounts via Monster.

Moreover, the number of victims of the Gameover outbreak is still not clear. Sullivan says the botnet used is a P2P (peer-to-peer) infrastructure therefore counting is rather tricky.

Meanwhile, Gameover ZeuS attacking major employment website isn't new for, before Monster.com, it was hitting CareerBuilder.com over certain length of time.

Therefore, security experts at F-Secure state that recruiters from job sites must look out for unusual things on account login web-pages, particularly when those recruiters A/Cs deal with spending budgets or bank accounts.

The security company notes that incorporating the two-factor validation to job sites would be good in addition to mere security queries.

Eventually, Gameover has been especially vibrant lately. During first half of February 2014, Malcovery Security a security company revealed that Gameover's fresh variant got disseminated in the form of .enc file meaning an encrypted document, towards circumventing network securities. After sometime, in the same month, Sophos identified another Gameover variant, which safeguarded its processes/files via one kernel rootkit, thus making the malware's elimination really hard.

ยป SPAMfighter News - 4/1/2014

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page