Zeus

A provider of image based authentication and verification solutions Confident Technologies Inc announced a new product Confident Multifactor Authentication. The solution represents a two-factor authentication that delivers an image-based authentication challenge to users' mobile phones for a more secure out-of-band authentication process.

Cyber security experts found a new version of ZeuS Trojan that targets Android users to steal their money from their banking accounts, reports ThreatPost. The malware intercepts SMS messages which are sent to log into online banking cabinets.

The number of Android malware increased 10 times since the beginning of the year, shows recent stats.

Meantime, the number of criminal schemes using ZeuS has also increased since March when the initial code appeared online.
 

Money obtained through phishing in the United States go to China, says the statement from the Federal Bureau of Investigation.

Hackers who obtain money from compromised business computers wire them afterwards to Chinese companies located near the Russian border. The FBI says that while various attacks are used, the notice identifies ZeuS, Backdoor.bot and Spybot as the fraudsters’ favorite malware.

Intermediary accounts in New York are typically used as staging points for the final transfer.

The source code for the infamous ZeuS toolkit is being offered by some cyber criminal through the underground forums on the Internet.

Nicknamed IOO the supposed seller provided proof of having the code by placing some screenshots of the source code portions. The sale is offered to be discussed vie either ICQ or Jabber. Any escrow payment is accepted.

The screenshots make reference to peinfector.cpp, a project of ZeuS known as "Murofet". While security researchers cannot verify if the sale is genuine they are taking the potential offer seriously.

Banking customers in Poland were hit by a version of the Zeus malware that intercepts one-time pass codes sent via SMS. On Monday the security vendor F-Secure blogged about the attack on the clients of the Polish financial institution ING. The issue was further analyzed on the website of security consultant Piotr Konieczny.

The new attack appears to be the same type found by the Spanish security company S21sec last September.

In 2010 botnets used to steal banking credentials and other purposes of cyber crooks affected more than 7 times as many victims as the previous year, according to a report by a security firm.

Damballa who released the report says that the increase was driven by improvements in DIY botnet construction kits using which criminals could construct new networks. Upgraded infection technology targets a hard drive's master boot record and changes the machine's boot options also played role.

According to the finding of Seculert there is a new combination of two pieces of advanced online banking malware circulating on the Internet now. The virus appears to be a beta version of a piece of malware that has bits of both Zeus and SpyEye, says Aviv Raff, CTO and cofounder of Seculert.

A security vendor Seculert has found that a banking malware Carberp that has been tracked by researchers since its appearance last October is adding more sophisticated capabilities.

Carberp targets Windows OS running machines and can steal a range of data as well as disguise itself as legitimate Windows files and remove antivirus software. The malware is considered as a rival to Zeus.

In the wake of increasing number of purchases made online this holiday season a version of Zeus botnet is targeting credit-card account holders who shop several major U.S. retailers including Macys and Nordstrom, reports security firm Trusteer.

Another iteration of the infamous ZeuS Trojan was developed to be run only on high-end machines with fast performance. Security researchers usually deploy automation and virtualisation technologies to cope with the growing volume of malware spewed out by cybercrooks every day. Knowing this cyber crooks use virtual machine detection and anti-debugging code in their creations. This increases the time for security analysts to detect, develop and distribute anti-virus updates.

Prosecutors in Moldova arrested six corrupt bank insiders which turned to be ZeuS money mule suspects. It was found during the investigation that half dozen of the suspects worked in local banks in the east European country. Investigators reckon the suspects specialised in laundering Western Union and MoneyGram payments received from co-conspirators in the West that can ultimately be traced back to compromised corporate and personal bank accounts.

ZeuS botnet continues its evolution despite high-profile crack downs on its orchestrators in the US, UK and Ukraine, according to security experts.

Zeus Trojan bust reveals sophisticated 'money mules' operation in U.S.

"There's a community building it and supporting it," says Eric Skinner, CTO of Entrust. "There's no one person to take down. If one person stops updating, somebody else will pick up the task. It's not like when you shut down a software company and the product ceases to be developed."

Trusteer, the security firm, is now warning of a new variant of the Zeus malware trojan that imitates the Verified by Visa and MasterCard SecureCode enrollment screen to erase sensitive data and passwords from PC users.

The injected enrollment screen prompts users to enter their social security number, credit or debit card number, expiration date, and PIN or CSV code.

As it became known, Tuesday about 25% of the servers linked to Zeus-related botnets suffered superb blow after the ISP taken offline. This represented continuation of a recent trend of takedowns hitting some of the world's most scummy cyber operations.

According to US Federal Deposit Insurance Corporation data, small businesses computer scam made up $25 million in the third quarter of 2009.

Online banking fraud involving the electronic transfer of funds has been increasing since 2007 and reached the volume of over $120 million in the third quarter of 2009, according to estimates presented Friday at the RSA Conference in San Francisco, by David Nelson, an examination specialist with the FDIC.