20 October 2017
Find out more

Corporates target for Zeus IT helpdesk Trojan attack

16 October 2009  |  1662 views  |  0 Source: Trusteer

Trusteer, the customer protection company for online businesses, today issued a security advisory that exposes and provides protection recommendations against a stealth new Zeus/Zbot phishing attack aimed at harvesting from enterprise users log-in credentials used for web banking, financial, HR, and SaaS accounts. The attack is highly effective because it pretends to be an e-mail from the corporate IT department asking the user to update their Microsoft Webmail (Outlook Web Access) settings.

Once installed, the Trojan injects itself into the browser and monitors all traffic. It then steals log-in credentials to sensitive websites. Zeus also changes web pages presented in the browser, asking for additional sensitive information and sending it to the attackers. Trusteer has located servers in Russia, Chile, Hungary, Colombia, and Romania, which are being used in this very organized criminal attack. The full Trusteer report is available at http://www.trusteer.com/files/Zeus-OWA_Advisory_Oct_2009.pdf.

"This attack illustrates how organized internet crime syndicates are expanding their focus from consumers to enterprises, by targeting employees with credentials to access high value banking, financial, and other web-based applications," said Mickey Boodaei, CEO of Trusteer. "The level of personalization used in these Phishing messages and the fact that they appear to be coming from the company's IT department makes this attack very convincing and by extension very dangerous. We are urging enterprises to warn their employees and lock down browser settings to prevent unauthorized code execution inside the browser."

Comments: (0)

Comment on this story (membership required)

Related company news

 

Related blogs

Create a blog about this story (membership required)
visit www.niceactimize.com visit www.fivedegrees.nl

Top topics

Most viewed Most shared
Ripple looks to drive bank adoption with $300m XRP rebate programmeRipple looks to drive bank adoption with $...
16099 views comments | 12 tweets | 4 linkedin
satelliteGates Foundation backs Ripple collaboratio...
8351 views comments | 13 tweets | 10 linkedin
HSBC partners Bud for open banking trialHSBC partners Bud for open banking trial
8035 views comments | 21 tweets | 26 linkedin
IBM uses blockchain to improve cross-border payments processingIBM uses blockchain to improve cross-borde...
7333 views comments | 9 tweets | 17 linkedin
Sibos 2017: API or the highwaySibos 2017: API or the highway
6680 views comments | 10 tweets | 21 linkedin

Featured job

Competitive
New York, NY - USA (some flexibility on location)

Find your next job