Welcome to Finextra. We use cookies to help us to deliver our services. We'll assume you're ok with this, but you may change your preferences at our Cookie Centre.
Please read our Privacy Policy.

Accept
Channels
Blog article
See all stories »

Channels

Security

Group

Innovation in Financial Services
External | what does this mean?
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

ZeusiLeaks Archives File 004: Earnings Season

In this ahort ZeusiLeaks file I’ll talk about why it’s not a good idea if you’re a public company and your PR agency has Zeus infected machines during earning season…

Quick reminder:

WikiLeaks, the largest leak of data the world has seen? Nonsense! Trojans like Zeus and SpyEye lurk on millions of personal, corporate and government PCs, stealing data 24 by 7. Everything you do online – either private or work related – is sent to a mothership half across the globe. Welcome to the ZeusiLeaks Archives, and look here for previous files.

***

Helen McDuffie (don’t look her up, I masked the name) works for a big New York based PR agency. The agency provides public relations services to many of the NSYE traded customers. Lets be clear: this sort of PR agency is exposed to quarterly and annual financial reports weeks before they are submitted to Wall Street and become public knowledge, as they help the public companies deliver the right message in press releases and analyst briefings.

If this sort of data is leaked out before it becomes public knowledge, the SEC will be all over it. Inside information is like fixed matches in sport games: it breaks the rules of the game.

It’s earning season, and Helen is super busy. She needs to work on press releases with her peers in the corporate PR departments of NYSE’s largest companies. It’s no wonder that while logging into her gmail account she also had 3 other conversations.

Equally as busy is the Zeus Trojan on Helen’s machine… More specifically, the keylogger function that is capable of grabbing not just the immediate session Helen works on (the gmail login) but also all other parallel conversations, which are typically done in some sort of messenger program.

The three conversations are totally not related. Take this one: “he ignored the recall and sold it to you anyway, right? Sue him, go to people’s court!” – which seems like a sound advice. The bastard.

Then you have a more relevant piece: “Hi Jenn, Next week’s a bit busy for me? We’re heading into earnings season with our clients here”.

And there’s a Trojan on my machine.

Now comes my favourite part: “Below is an interesting blog post from NYSE regarding cyber security around earnings. As you may be aware, there have been several companies…” – the conversation is cut, but you have to admit it’s totally ironic :)

6015

Channels

Security

Group

Innovation in Financial Services
External | what does this mean?
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.
Report abuse

Comments: (0)

Join the discussion
Uri Rivner

Uri Rivner

CEO and Co-Founder

Refine Intelligence

Member since

14 Apr 2008

Location

Tel Aviv

Blog posts

89

Comments

37

More from Uri

This post is from a series of posts in the group:

Innovation in Financial Services

A discussion of trends in innovation management within financial institutions, and the key processes, technology and cultural shifts driving innovation.

See all
Community
See all blogs »
Fintech 

How innovation in encryption is helping secure the credit card approval process

Ghazi Ben Amor

Ghazi Ben Amor

Operational Risk Management 

DORA – Navigating the EU’s Operational Resilience Landscape

Antony Fung

Antony Fung

Fintech 

The importance of risk management in trading

Kate Leaman

Kate Leaman

Digital Identity Management 

Navigating the digital identity landscape: A blueprint for financial services competitiveness

Adam Preis

Adam Preis

Now hiring

See more