http://www.networkworld.com/news/2010/031110-zeus-botnet.html By Ellen Messmer Network World March 11, 2010 New capabilities are strengthening the ZeuS botnet, which criminals use to steal financial credentials and execute unauthorized transactions in online banking, automated clearing house (ACH) networks and payroll systems. The latest version of this cybercrime toolkit, which starts at about $3,000, offers a $10,000 module that can let attackers completely take control of a compromised PC. Zeus v.1.3.4.x (code changes are always underway by the author and owner, who is believed to be one individual in Eastern Europe) has integrated a powerful remote-control function into the botnet so that the attacker can now "take complete control of the person's PC," says Don Jackson, director of threat intelligence at SecureWorks, which released an in-depth report on ZeuS this week. This new ZeuS feature, which was picked up from an older public-domain project from AT&T Bell Labs known as "Virtual Network Computing," gives ZeuS the kind of remote-control capability that might be found in a legitimate product like GoToMyPC, Jackson says. SecureWorks calls this a "total presence proxy," and it's so useful to criminals, just this one VNC module for ZeuS costs $10,000. The Windows-based ZeuS Trojan software, which takes up about 50,000 bytes on a compromised Windows-based computer, is designed to plunder accounts in North American and United Kingdom banking systems via the victim's computer. The criminal might be located a continent away, directing unauthorized transfers of funds to accounts through elaborate command-and-control systems. [...] ___________________________________________________________ Register now for HITBSecConf2010 - Dubai, the premier deep-knowledge network security event in the GCC, featuring keynote speakers John Viega and Matt Watchinski! http://conference.hitb.org/hitbsecconf2010dxb/Received on Thu Mar 11 2010 - 22:13:22 PST
This archive was generated by hypermail 2.2.0 : Thu Mar 11 2010 - 22:23:22 PST