Phishing: ThreatMetrix Identifies a New Variant of Zeus

• Security researchers have lift the veil off a new insidious threat, hardly ever detected by protection software and likely to retrieve sensitive data from the Internet users (card numbers, PIN codes, etc.).

• Security specialist ThreatMetrix discovered this variant of Zeus in April and has just released a White Paper dealing with it. This version displays several “qualities” including stealth (it silently waits for the user to log onto certain seemingly legitimate website to trick him into providing his IDs) and manages to escape automatic detection tools. Naturally, social media are among the most targeted players; other targets include financial service providers, retailers and payments processors.

Source: ThreatMetrix

• Financial institutions have to face an increasing number of threats, and the Dissecting Operation High Roller report published by Guardian Analytics and McAfee a short while ago already pinpointed the variety and relevance of the attacks. Cybercriminals have attempted to transfer between 60 million to two billion euros to mule business accounts from about 60 banks worldwide.

• Zeus and SpyEye are still very much in use; these tools allow fraudsters to bypass PIN code-based authentication for example to make illegitimate credit transfers. Italy, Germany, the Netherlands, the US and South America are especially affected.