Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
A botnet that controls more than 100,000 infected computers has been detected and named as ‘Zeus version 2'.Trusteer claimed that 98 per cent of its victims are UK internet users and details harvested included online account IDs, login information to banks, credit and debit card numbers, as well as account types and balances, bank statements, browser cookies and client side certificates. Login information for email accounts and social networks was also found.The company said that it discovered the extent of the botnet after it gained access to the botnet's drop servers and command and control centre which contained the stolen information.Amit Klein, Trusteer's chief technology officer, said: “This is just one out of many Zeus 2 botnets operating all over the world. What is especially worrying is that this botnet doesn't just stop at user IDs and passwords. By harvesting client side certificates and cookies, the cyber criminals can extract a lot of extra information on the user that can be used to augment their illegal access to those users' online accounts.“Coupled with the ability to remotely control users' machines, download data and run any file on them, this means that the fraudsters can insert partial or complete internet pages into a live web session, enabling them to inject transactions at will or extract even more data from the hapless victims.”Jim Stikeleather, chief innovation officer at Dell Services, said: “This latest scam is yet another example of why everyone has a responsibility for security. Fraudsters are becoming ever more sophisticated and it is clear that the top down centralised security models are just not working well enough. At the end of the day, the individual has to take some form of responsibility for protecting personal information.“These days, it is imperative that people are prudent and rational and don't do anything to put their personal information at risk. However, currently, less than ten per cent of the population has any knowledge of what goes on. There's a huge educational onus to inform them in a way that they can act in a prudent manner. We have a huge educational responsibility as a society.”See original article on scmagazineus.com
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.