Zeus Malware Seeks Facebook Users Debit Card Data

  /     /     /  
Publicated : 22/11/2024   Category : security


Zeus Malware Seeks Facebook Users Debit Card Data


Latest Botnet-backed fraud compaign also has variations targeting Google Mail, Hotmail, and Yahoo users.



Anonymous: 10 Facts About The Hacktivist Group (click image for larger view and for slideshow)
A new fraud campaign aims to separate users of Facebook, Google Mail, Hotmail, and Yahoo from their debit card data.
Weve recently discovered a series of attacks being carried out by a P2P variant of the Zeus platform against some of the Internets leading online services and websites, said Amit Klein, CTO of Trusteer, in a
blog post
. The attacks come disguised as offers for great rebates or hot new security functionality. But in reality, the scams exploit the trust relationship between users and these well-known service providers, as well as the Visa and MasterCard brands, to steal users debit card data, he said.
Each of the
social engineering attacks
differs slightly in its execution. In the case of
Facebook
, for example, the scam offers people a 20% discount if they link their Visa or MasterCard details to their Facebook account. The scam claims that after registering their card information, the victim will earn cash back when they purchase Facebook points, said Klein. A fake Web form then requests that the user enter their debit card number, its expiration date, as well as their security code and PIN.
[ No honor among these thieves. Read
Anonymous Allies Hit With Zeus Malware
. ]
In the Gmail, Hotmail, and Yahoo variations, the scam offers an allegedly new way of authenticating to the 3D Secure service offered by the Verified by Visa and MasterCard SecureCode programs, said Klein. In particular, the scam suggests that Google and Yahoo users can tie the
3D Secure password
issued by their bank to, respectively, their Google Checkout and Yahoo Checkout accounts. It then requests the persons debit card number, expiration date, security code, and 3D Secure PIN code. For Hotmail users, attackers have tweaked the language slightly to suggest that without the 3D Secure code being entered, users wont be able to use Hotmail to make any purchases.
What the attacks share in common, besides being scams, is their use of a specific variant of Zeus, which is frequently the malware of choice for criminals seeking to separate people from their personal financial information. Whats notable about the attack toolkits behind Zeus and similar malware--typically provided on a subscription basis--is that they allow people with scant computer knowledge to launch highly automated attacks that continue to evolve in order to fool security defenses. Although Zeus ships with a number of built-in features, subscribers also can
purchase upgrades
to customize their attack capabilities.
A Zeus-infected computer, or zombie PC, also can function as a node in a botnet that might comprise thousands of similarly infected machines. Each PC can receive further instructions and new code from the command-and-control (C&C) server that runs the botnet. These updates might contain code that records and exfiltrates all keystrokes on the machine, finds and copies all financial data, turns the PC into a
spam relay
, or in the case of the above scam attacks, attempts to trick users into sharing sensitive financial details.
Although authorities have
busted multiple crime rings
that have used Zeus to steal millions of dollars, and technology giant Microsoft has gone to court to
take down Zeus servers
, many Zeus-using criminals apparently remain alive, well, and well-remunerated.
Notably, the
ZeuS Tracker
Tuesday recorded 355 Zeus C&C servers as being online. It said that the average antivirus software detection rate for the malware currently being generated by Zeus toolkits was just 38.5%.
From clouds to mobile to software development, threats may be everywhere, but theyre not equally dangerous. The new, all-digital
IT Strategic Security Survey
issue of InformationWeek will help you prioritize. Also in this issue: IT must decide how to deal with consumer cloud storage being used in businesses. (Free registration required.)

Last News

▸ Nigerian scammers now turning into mediocre malware pushers. ◂
Discovered: 23/12/2024
Category: security

▸ Beware EMV may not fully protect against skilled thieves. ◂
Discovered: 23/12/2024
Category: security

▸ Hack Your Hotel Room ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Zeus Malware Seeks Facebook Users Debit Card Data