Criminals Are Still Using Malware To Attack Online Users

By Author: EC-COUNCIL
Total Articles: 68
Comment this article

Zeus malware still continue to evolve despite many recent arrests. Recently, the infamous Zeus malware package has begun an attack campaign targeting financial investors.
Security vendor Trusteer said in a recent report that samples of the malware have been spotted in connection with URS Investment Fund, a phony investment site which seeks to trick users into uploading money transfers to an account controlled by the attacker. The attack utilizes the ability of Zeus to locally alter HTML files on infected machines, allowing attack code to be presented on otherwise safe web pages. In this case, the malware has been injecting pages with phony banner ads attempting to lure users to the URS Investment Fund scam site.
New capabilities are strengthening the Zeus botnet, which criminals use to steal financial credentials and execute unauthorized transactions in online banking, automated clearing house (ACH) networks and payroll systems. The latest version of this cybercrime toolkit, which starts at about $3,000, offers a $10,000 module that can let attackers completely take control of a compromised PC. Zeus v.1.3.4.x has ...
... integrated a powerful remote-control function into the botnet so that the attacker can now "take complete control of the person's PC," says Don Jackson, director of threat intelligence at SecureWorks, which released an in-depth report on Zeus this week.
The UK government systems also fall victim to a Zeus Trojan attack; Foreign secretary William Hague has confirmed that. In late December, spoofed emails claiming to come from the White House bypassed government filters and infected systems with a variant of the Zeus information-stealing Trojan, Hague told the Munich Security Conference on Friday. The emails directed users to click on a link, which downloaded a variant of the Zeus Trojan, said Hague.
MessageLabs, which filters emails for the UK government, had not responded to a request for comment at the time of writing. The Cabinet Office, which oversees government cyber security efforts, had also not responded to a request for comment. Hague said the UK government wanted to host a cyber security conference in the summer "to explore mechanisms for giving [cyber] standards real political and diplomatic weight."
Zeus is also very capable of exploiting BlackBerry smartphones. Trend Micro, a security solutions provider, claimed the Trojan seems to target specifically the SMS feature of the Blackberry. The Trojan maybe in the form of an application, once installed sends a confirmation message to the hackers that transmitted the Trojan, to signal that it is ready to receive commands. Once the Trojan sender or the hacker sends a confirmation message, the Trojan can view, delete and forward SMS’s, block calls, change the administrator on the device and block phone numbers. It sends all data on the phone to the hacker in the event that it gets shut down.
Zeus attacks have been continually evolving over the last 12 months, according to one expert. Amit Klein, chief technology officer at Trusteer, has warned that such attacks are evolving and remain a major concern for the IT security industry. 'In conjunction with this trend, what we see is more and more sophistication and craftsmanship around the HTML injections themselves.' According to a recently released report by Trusteer, Zeus continues to be a thorn in the side of the IT security industry despite having been around for four years.
The number of cyber attacks is only going to increase if organizations fail to pay attention on the vulnerabilities of their network security. Organizations need to implement robust Internet security initiatives to protect their network and their customer’s information, including hiring highly trained information security experts in order to avoid security breaches. Information security professionals can increase their information security knowledge and skills by embarking on highly technical and advanced training programs. EC-Council has launched the Center of Advanced Security Training (CAST), to address the deficiency of highly technically skilled information security professionals.
CAST will provide advanced technical security training covering topics such as Advanced Penetration Testing, Digital Mobile Forensics training, Application Security, Advanced Network Defense, and Cryptography. These highly technical and advanced information security training will be offered at all EC-Council hosted conferences and events, and through specially selected EC-Council Authorized Training Centers.
About EC-Council
EC-Council is a member-based organization that certifies individuals in various e-business and security skills. It is the owner and developer of the world famous Certified Ethical Hacker (CEH) course, Computer Hacking Forensics Investigator (CHFI) program, License Penetration Tester (LPT) program and various other information security training programs offered in over 84 countries around the globe. EC-Council has trained over 90,000 individuals in technical security training and certified more than 40,000 security professionals. EC-Council has launched the Center of Advanced Security Training (CAST), to address the deficiency in the lack of highly technically skilled information security professionals.