According to the internet security vendor, after users have initiated a secure online banking session, the Zbot injects into the browser a copy of each services’ enrollment screen, subsequently making off with all sorts of personal and banking data.
This version of Zeus, said Trusteer, attempts to trick online banking customers into surrendering their personal and credit/debit card data by claiming new FDIC rules require that they enroll in either Verified by Visa or MasterCard SecureCode to protect their accounts.
This type of scam is of particular concern, Infosecurity notes, because Trusteer’s own research shows that the majority (55%) of computers infected by Zeus malware, also known as Zbot, have active and up-to-date anti-virus protection.
The company’s data also show that based on information gathered from 3 million machines in the UK and North America, the poor detection rate has led to Zeus infection on one of every 100 computers.