Zeus Trojan gets makeover to beat Firefox
21 April 2010 | 12968 views | 0
A new, polymorphic version of the infamous Zeus online banking Trojan that can target Firefox users is spreading at an unprecedented rate, according to security outfit Trusteer.
ZeuS - a type of sophisticated malicious computer program - has been used to harvest millions of lines of data from affected machines. It records online bank account details and passwords, credit card numbers and other personal information, before causing the computer to forward the data to servers under the control of the distributors.
Now, Trusteer says a completely new version of the Trojan has begun targeting Firefox as well as Internet Explorer browsers. Previous versions were incapable of exploiting Firefox but Zeus 2 supports HTML injection and transaction tampering for the browser, two techniques which are effectively used to bypass strong authentication and transaction signing.
The firm says it has detected version 2 on one in every 3000 computers it monitors - "an unprecedented rate of distribution for new financial malware code".
Amit Klein, CTO of Trusteer, says: "We expect this new version of Zeus to significantly increase fraud losses, since nearly 30 percent of internet users bank online with Firefox and the infection rate for this piece of malware is growing faster than we have ever seen before."
Zeus has been implicated in a wave of successful online banking assaults on US small businesses and a $6 million commercial account heist on 20 European banks in the summer of 2008. In November the Metropolitan Police's Central e-Crime Unit arrested a man and woman in connection with the infamous Trojan.