3,000 UK bank accounts hacked
Discussion
Zeus v3 is sent via email as a spoofed message asking you to click on a hyperlink to update software either Microsoft or another.
Info on Zeus V3 said:
Security vendor Websense is warning of a renewed spate of global attacks aimed at stealing information from staff in government and military departments via the notorious Zbot, or Zeus, Trojan.
The malware was originally designed to steal banking data, but was used in a campaign targeting government workers in the US and UK at the beginning of the month.
This follow up attack involves a fake email purporting to be from a reputable figure within the CIA with the subject line: 'Russian spear phishing attack against .mil and .gov employees.'
"The spoofed emails capitalise on the last Zeus attack, and claim that installing the 'Windows update' via the links provided will aid protection against Zeus attacks," said Websense in a security alert.
"The binary file downloaded from these links is identified as a Zeus bot and holds a 35 per cent anti-virus detection rate. Once again URLs in the email messages lead to a malicious file hosted on a compromised host, and also on a popular file hosting service."
Websense explained that, after the Zeus rootkit component is installed, the command and control server is contacted to download an encrypted configuration file.
Another data stealing component gets downloaded and installed from the same server, and the bot then starts to connect with a credential-based FTP server to upload stolen data.
The malware was originally designed to steal banking data, but was used in a campaign targeting government workers in the US and UK at the beginning of the month.
This follow up attack involves a fake email purporting to be from a reputable figure within the CIA with the subject line: 'Russian spear phishing attack against .mil and .gov employees.'
"The spoofed emails capitalise on the last Zeus attack, and claim that installing the 'Windows update' via the links provided will aid protection against Zeus attacks," said Websense in a security alert.
"The binary file downloaded from these links is identified as a Zeus bot and holds a 35 per cent anti-virus detection rate. Once again URLs in the email messages lead to a malicious file hosted on a compromised host, and also on a popular file hosting service."
Websense explained that, after the Zeus rootkit component is installed, the command and control server is contacted to download an encrypted configuration file.
Another data stealing component gets downloaded and installed from the same server, and the bot then starts to connect with a credential-based FTP server to upload stolen data.
Jesus. People should only be allowed to enable online access to their bank account after they've read a document which tells them all about spoofed emails, keyloggers etc etc.
Too many people are just blithely unaware of all these nefarious tricks these scum use to harvest bank logon details.
Too many people are just blithely unaware of all these nefarious tricks these scum use to harvest bank logon details.
hornetrider said:
anonymous said:
[redacted]
I keep getting asked by HSBC to do this but I can't be arsed - what's the story with it?Gassing Station | News, Politics & Economics | Top of Page | What's New | My Stuff