Zeus crimeware still in wild could target Fortune 500


by CBR Staff Writer | 11 June 2014

Malicious actors may use the Zeus crimeware to hack into web-based enterprise applications.

Despite a multi-nation crackdown on Gameover Zeus last week, Akamai has warned that new variants of the Zeus crimeware kit are still in the wild and could target Fortune 500 enterprises.

Last week, a multi-nation operation led by the US disrupted Gameover Zeus, a two-year-old botnet that infected between 500,000 and 1 million computers across the globe.

The advisory from Prolexic Security Engineering & Response Team (PLXsert), a unit of Akamai, has warned that malicious actors may use the Zeus crimeware kit to steal login details and hack into web-based enterprise applications or online banking accounts.

The main purpose of the Zeus crimeware kit is to infect and control as many hosts as possible in order to steal sensitive information, which usually ends up in identity theft and fraud.

Akamai Security Business Unit senior vice president and general manager Stuart Scholly said the Zeus framework is a powerhouse crimeware kit that enterprises need to know about to better defend against it.

"It's hard to detect, easy to use, and flexible - and it's being used to breach enterprises across multiple industries," Scholly said.

The malware kit can help malicious actors steal login details from an infected device, including usernames and passwords which are entered through browsers.

It can also allow malicious actors to add more fields to a web form on a legitimate website in order to gather additional information from users, including a banking PIN.

Hackers can also take a screenshot of users' machines remotely at any time, the researchers added.

The advisory warned that platform-as-a-service (PaaS) and software-as-a-service (SaaS) vendors can be targeted by the crimeware, which may lead to loss of confidential customer information, trade secrets, data integrity and reputation, among others.

The new strain of Zeus malware can be unknowingly downloaded by employees, customers and business partners onto their enterprise devices, which could leave them at risk of being compromised.

If employees subsequently log in from the infected devices through the web, they may end up unknowingly providing confidential information to hackers.

"Zeus is insidious, even in the most secure environments," Scholly added.

"Users are tricked into running programs that infect their devices, so strict enforcement of organizational security policies and user education can help."

"Enterprises are encouraged to develop a rigorous website security profile that includes a web application firewall. This approach can disrupt Zeus communication patterns and help prevent data breaches and file scanning attempts."
