What is Zbot




















This means that the Trojan can get around the security in place on these websites, as the keystrokes required for logging in are recorded as the user enters them. Some forms of this malware also affect mobile devices, attempting to get around two-factor authentication that is gaining popularity in the financial services world.

Originally, the Trojan only affected computers running versions of the Microsoft Windows operating system, but some newer versions of the malware have been found on Symbian, BlackBerry and Android mobile devices. The creator of the malware released the Zeus source code to the public in , opening the doors for the creation of a number of new, updated versions of the malware. These days, even though the original Zeus malware has been largely neutralized, the Trojan lives on as its components are used and built upon in a large number of new and emerging malware.

The spam messages often come in the form of email, but there have been social media campaigns designed to spread the malware through messages and postings on social media sites. Once users click on a link in the email or message, they are directed to a website that automatically installs the malware. Because the malware is adept at stealing login credentials, it can sometimes be configured to steal email and social media credentials, enabling the botnet to spam messages from trusted sources and greatly expand its range.

Drive-by downloads happen when the hackers are able to corrupt legitimate websites, inserting their malicious code into a website that the user trusts. The malware then installs itself when the user visits the website or when the user downloads and installs a benign program. Since the ZBOT malware perpetrators are constantly finding new ways to attack users, users are advised to employ safe computing practices.

Be wary of phishing pages that purport to be legitimate websites, as these are primarily designed to fool unwitting users into handing over personal information.

Clicking links on emails that come from unknown senders is one of the easiest ways to fall prey to ZBOT attacks. Users need to manually scan their systems to trigger this. It can detect and prevent the execution of malicious files via the file reputation service. Non-Trend Micro product users can also check their systems using HouseCall, a free tool that identifies and removes all kinds of viruses, Trojans, worms, unwanted browser plug-ins, and other malware from affected systems.

They can also use Web Protection Add-On to proactively protect their computers from Web threats and bot-related activities. RUBotted can be used to find out if their machines are part of a bot network. This can lead to devastating wide-scale attacks that infect the entire network of the organization. Malware attacks are on the rise.

Ensure that your business, colleagues or customers are not held ransom to them, by backing up your data securely. Nov 13 BY Shyam Oza. When it infects a computer, it looks for personal data such as email usernames and passwords as well as online financial and banking records associated with the personal information.

The data are then sent to remote servers and then collected by the hacker who can then proceed to commit financial fraud by using the stolen information.

The Zeus Trojan is also known as Zbot. The stolen information is then sent to remote servers controlled by the hackers, who then use it to log on to the victims' accounts to make unauthorized (however, in this case, the system sees the transaction as authorized because of correct log-in information) money transfers to various hidden accounts and "money mules" to hide the electronic trail and make it hard for authorities to determine exactly where the money went.

The Zeus Trojan was first identified in when it was used to steal various pieces of information from the U.S. Department of Transportation, and it was estimated by security analysts that by it had already infiltrated more than 74, accounts, including those from banks, financial and non-financial institutions such as the Bank of America, Oracle, NASA and Amazon.

Standard methods of removing the Trojan still apply such as using a "reliable" anti-spyware program or manually removing the executable file of the program, which is usually named along the lines of "


