The Federal Bureau of Investigation. FBI 1 October Archived from the original on 3 October Retrieved 2 October BBC 1 October BBC News. Al Jazeera 21 September AJE News. Retrieved 21 March Zetter, Kim. Diane Bartz 29 October Retrieved 16 December It is used to gain access to banking credentials through keystroke logging, man-in-the-middle attacks, it is also deployed to install the CryptoLocker ransomware. It creates a botnet by a secretly formed network of corrupted machines controlled and monitored by a command and control server and a malicious author.
The malware author typically steals an enormous amount of information and also performs attacks on a large-scale. Zeus behaves as a financial service Trojan developed by the hackers to steal banking details from infected devices. The malware author performs the attacks through keylogging and website monitoring, which enables the malware to identify when the user is on a banking website so it can document the keystrokes used while logging in.
The trojan then escapes the existing website security as the login keystrokes were already recorded once the user attempts to enter the banking website. There are a range of Zeus variants that can affect mobile devices, in an attempt to gain access to two-factor authentication. Initially, Trojans only affected computers that run on Microsoft Windows OS, however, the latest versions have evolved to attack and infect Android devices, Symbian and Blackberry devices. The Malware author unveiled the source code of Zeus to the public in This gave way to the creation of new variants of the Zeus Trojan.
The Zeus Virus is comprised of two key techniques of infection. Malware authors attempt to infect websites by inserting the Zeus code into a website that the users trusts to be genuine. The malware gets installed into the website when the user enters the website. Hackers or cyber criminals send spam messages through phishing emails, and malicious social media campaigns that intend to spread malicious infection through messages and social media posts. The emails look genuine and when users click on the link in the message or email, they are redirected to a malicious website.
Examples: [Collected via e-mail, November ]. The virus is called Zeus. The Zeus source code was released into the public domain by its creator. Hackers can now use the Zeus building blocks and modify them to suit their purposes, making it possible to have unlimited versions of Zeus in circulation.
Hackers release only a few versions of a particular flavor of Zeus before changing it to avoid detection by antivirus software companies. According to security company Trusteer, having fully updated antivirus software reduces your chances of infection by only 23 percent compared to a PC with no protection. The company estimates that over 3.
Security company Kaspersky recently announced that it had discovered versions of Zeus for the Android platform and the Blackberry platform, meaning it's now operational on mobile devices and mobile banking websites. Small-business owners are at a significant disadvantage over consumers when it comes to battling with Zeus.
Most major banks reimburse consumer losses related to online attacks. Small-business bank accounts, however, are not afforded the same protections.
0コメント