Security experts recently discovered that hackers had found a new way to circumvent security software and steal online banking details, according to an article published on Network World. Malcovery Security, a security company based in Georgia, contacted security analysts after discovering that none of the 50 security programs on Google's online virus scanning service VirusTotal detected or captured Zeus, a notorious piece of malicious software that has long been well known in the banking industry.
The article indicates that when Zeus successfully carries out an attack, it produces "an assortment of spam messages, which spoofed brands and organizations such as the payment processor ADP, the Better Business Bureau, and the British tax authority HMRC." According to the article, the spam message contains a ".zip" file which, if opened, launches UPATRE. This small application leads to the download of a ".enc" file. The article states that this file is then decrypted and becomes "the GameOver Zeus, a variant of the notorious Zeus malware."
The article notes that Zeus first came on the scene in 2006 and has been "_a thorn in the side of banks_" since that time. It goes on to report, citing Dell's SecureWorks unit, that the Zeus source code was "_leaked in May 2011_", allowing hackers and cybercriminals to continually "_make improvements_" and "_make its network more resilient._" In the article, Gary Warner, Malcovery's chief technologist, is quoted as saying, "_Security products are appearing to stumble on the '.enc' file since it doesn't end in '.exe' which designates an executable program. Why? Well, because technically, it isn't malware._"
Later in the report, Warner is also quoted as saying, "_It is likely that many different criminals are paying to use this infrastructure._"
Written by Bryon Turcotte / February 3, 2014