Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
The infamous Zeus malware botnet has begun harvesting user bank data by posing as a credit card verification scheme.Security firm Trusteer said that the malware has been injecting phishing pages into user systems which harvest bank details along with personal identification information. The pages claim to be from the bank and ask the user to fill out an "enrolment form" for the 'Verified by Visa' or Mastercard 'SecureCode' security programmes.The Zeus botnet has built up particular notoriety for its phishing practices. Rather than attempt to redirect users to infected sites or phishing pages, the malware embeds itself within the system and then generates phishing pages locally.According to Trusteer, the malware is now waiting for the user to log into banking sites, and then generating the phishing pages which the malware claims to be from the user's own bank. Trusteer said that the attack currently targets customers of at least 15 US financial institutions.The stolen account data is then used to register accounts with the services and perform fraudulent transactions.While Zeus has commonly been linked to financial fraud operations, the malware has performed other activities. Earlier this year the botnet made headlines when it moved from collecting financial data to harvesting information from government workers.The infections have continued despite increased efforts to shut the botnet down. Trusteer estimates that the malware may infect as many as one out of every 100 machines.
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.