zeus

U.K. police arrest 19 Zeus online fraud suspects

Nineteen people have been arrested in the U.K. for their alleged involvement in a fraud ring that stole millions of pounds from U.K. bank accounts.

London's Metropolitan Police Central eCrime Unit said the 15 men and 4 women, who were arrested yesterday in London, are suspected of using the Zeus data-stealing Trojan to capture log-in details and gain access to online bank accounts. The gang allegedly stole about 6 million pounds ($9.5 million) in a three-month period from U.K. banks.

Police were alerted to the gang's alleged activities by the Virtual Taskforce, a group …

Fake LinkedIn e-mails lead to Zeus Trojan

Criminals are using bogus LinkedIn invite e-mails to trick people into clicking on links that lead to the Zeus data-stealing Trojan, a researcher warned today. The malware targets Windows users.

Researchers saw tens of billions of messages related to the attack yesterday, Henry Stern, a senior security researcher at Cisco Systems, told CNET. "There have been some bursts today, but nothing like yesterday," he said. "The botnet responsible for this is still in operation and it's just doing something else right now."

While this attack appears to be abating, people should be wary of any …

Zeus banking Trojan targets mobile phones too

The Zeus banking Trojan, which targets Windows-based computers, is now being used to target victims' mobile phones too, according to several researchers.

Fortinet said today that it had uncovered new mobile malware dubbed SymbOS/Zitmo, which stands for Zeus in the Mobile, that is most likely designed to intercept confirmation text messages that banks send to customers for online banking. This could allow criminals to thwart banks' two-factor SMS authentication and approve transactions without the victim knowing it.

Zeus typically compromises a computer, either by luring the victim to click on a malicious link in an e-mail or luring the …

Zeus Trojan steals $1 million from U.K. bank accounts

Consumers and businesses in Great Britain have lost more than $1 million so far this summer from a Trojan that is infecting their computers, prompting them to log into their bank accounts, and then is surreptitiously transferring money to scammers in other countries, security researchers said on Tuesday.

About 3,000 bank accounts were found to be compromised at one financial institution, which was not identified, according to a white paper released by M86 Security.

The multilevel scheme uses a combination of a new version of the Zeus keylogger and password stealer Trojan, which targets Windows-based computers and runs on …

Zeus botnet jumps on PDF design flaw

Attackers have begun exploiting a design flaw in Adobe Systems' PDF format to spread the Zeus botnet, only days after the publication of a proof-of-concept exploit for the flaw, according to security researchers.

On Wednesday, researchers at M86 Security said they had discovered e-mails claiming to originate from Royal Mail with PDF attachments exploiting the flaw. The attachment attempts to run an executable file that installs the Zeus Trojan on a user's system.

Zeus attempts to steal banking information by logging a user's keystrokes. It also attempts to make a user's system part of the Zeus botnet. …

88 percent of firms show Zeus botnet activity

Most major U.S. corporations--up to 88 percent of the Fortune 500 companies--may be affected by botnet activity from computers compromised by the Zeus data-stealing Trojan, according to an RSA study released Wednesday.

RSA's FraudAction Anti-Trojan services analyzed data stolen by Zeus from infected computers in August and traced evidence back to IP addresses and e-mail addresses belonging to the corporations, said Sean Brady, manager of the Identity Protection and Verification Group at RSA, which is the security division of EMC.

Specifically, "domains individually representing 88 percent of the Fortune 500 were shown to have been accessed to …

ISP interruptions trip up Zeus botnet

The world's largest botnet, Zeus, has had its traffic disrupted by repeated disconnections of a Kazakhstani ISP, but a series of reconnections has revived its banking Trojan activity, according to security researchers.

The botnet mainly pushes out the Zeus banking Trojan, an information-stealing keylogger that relays sensitive data back to its controllers. The Kazakhstani Internet service provider AS Troyak provides network connectivity to six other ISPs that host Zeus botnet command-and-control servers. On Wednesday, the upstream connectivity to AS Troyak was cut by unidentified agents.

This disconnection resulted in the shutdown of 25 percent of the Zeus botnet, said …

Zeus Trojan found on 74,000 PCs in global botnet

More than 74,000 PCs at nearly 2,500 organizations around the globe were compromised over the past year and a half in a botnet infestation designed to steal login credentials to bank sites, social networks, and e-mail systems, a security firm said Wednesday.

The systems were infected with the Zeus Trojan and the botnet was dubbed "Kneber" after a username that linked the infected PCs on corporate and government systems, according to NetWitness.

The Wall Street Journal reported that Merck, Cardinal Health, Paramount Pictures, and Juniper Networks were among the targets in the attack. NetWitness speculated that …

Amazon EC2 cloud service hit by botnet, outage

The folks who run Amazon's EC2 cloud service must be happy the week is nearly over.

The cloud-based EC2 (Elastic Compute Cloud) was kept jumping this past week by two incidents: a compromised internal service that triggered a botnet, and a data center power failure in Virginia.

On Wednesday, security researchers for CA found that a variant of the infamous password-stealing Zeus banking Trojan had infected client computers after hackers were able to compromise a site on EC2 and use it as their own C&C (command and control) operation.

Don DeBolt, Director of Threat Research for CA Internet Security Business Unit, told CNET that the botnet first came to light while his firm was reviewing spam and found one with a URL for a piece of malware called xmas2.exe, described in a blog. After examining the file, DeBolt discovered it was a variant of the Zeus bot that was calling home to a computer inside Amazon Web Services, which houses EC2.

As a keylogger, Zeus is known to specifically capture bank account information, noted DeBolt, and was trying to perform the same crime in this case. The bot was also attempting to report the IP addresses of any clients that were infected via spam. The cybercrooks reportedly snuck their way into EC2 by gaining access through a site hosted on Amazon's service.

Once the bot was discovered, DeBolt and his team contacted Amazon to provide all the information from their client-based analysis. Since then, the files that were serving up the botnet on Amazon's side are no longer active.…

Ex-Apple trio fails to shine

Many start-ups don't have profits when they go public. Some don't even have any significant revenue to speak of. But Acquicor took things a step further. It didn't even have a business.

The company, launched by three former Apple executives, was what's known as a blank-check company. Rather than have a business plan, such firms instead ask investors to bet on their management's track record, in this case that of former Apple CEO Gil Amelio, company co-founder Steve Wozniak, and former CTO Ellen Hancock.

Still, that was enough to land the company more than $160 million in a stock offering. …