
Forensics links fake online postcards to Zeus Bot

28 July 2009

The computer forensics department at the University of Alabama has traced the Zeus Bot virus to a raft of fake internet postcards circulating on the Internet.

The Birmingham university researchers say that the malware - rated as one of the most pervasive in the US for some time by Network World - is currently infecting 3.6 million PCs in the US.

Gary Warner, director of forensics with the university, says that the fake postcards ask users to click and download to view the contents, and as soon as that click is made, the Zeus Bot malware has infected their computers.

"Once on a user's computer, Zeus Bot will give cybercriminals access to passwords and account numbers for bank, e-mail and other sensitive online accounts," he said.

According to Warner, hackers are using the fake Internet postcards as the latest mechanism to download the virus software onto unwitting users' computers.

Once the virus is on a computer, he said, it becomes a part of the Zeus Botnet and is able to steal Web site data from victims.

The malware uses a graphical user interface to keep track of infected machines throughout the world and is equipped with tools that allow the criminals to prioritize the banks and related stolen accounts they want to strike, Warner said.

"These messages are standard in their design and carry a subject line that indicates they come from the Web site 1001 Postcards," he explained.

"In this case and when it comes to messages that are supposedly from your bank, eBay or any other site, don't click on the links in an email," he said.

"Instead, type the address for the site that the message is coming from into your Web browser and log in as you normally would. If the site has an important message for you, you'll be able to find it," he added.
