Feeds

Zeus baddies unleash nasty new bank Trojan

New generation of infamous cybercrime toolkit targets UK, US and Germany

Security for virtualized datacentres

Hackers have created a new version of the Zeus crimeware toolkit that's designed to swipe bank login details of Spanish, German, UK and US banks.

The malware payload, described by CA as Zeus version 3, is far more selective in the banks it targets. Previous versions targeted financial institutions around the world while the latest variant comes in two flavours: one that only target banks in Spain and Germany, and a second that only targets financial institutions in the UK and US.

In addition the latest version of Zeus contains features that makes it far harder for security researchers to figure out what the malware is doing. Zombie drones on the Zeus botnet operate on a need to know basis, CA explains.

"In earlier versions, Zeus handles this configuration file in a way that security researchers can easily manage to reverse engineer and capture the actual full configuration content," writes Zarestel Ferrer, a senior research engineer with CA's Internet Security Business Unit.

"This is no longer the case for the latest Zeus bot version 3, which is already in the wild.

"It employs layers of protection by applying the principle of least privilege. It means that the bot must only access remote command, information and resources that are necessary to a specific function and purpose."

Command and control systems associated with the bot are "mostly hosted in Russia", according to CA. Banks in Spain, UK, USA and Germany were the most targeted institutions in previous versions of the banking Trojan.

The unknown cybercrooks have tightened this focus with the latest version of the cybercrime toolkit, meeting customer demand in a manner akin to legitimate software developers releasing localised versions of tools in key geographical markets. ®

Beginner's guide to SSL certificates

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.