Zeus

Security researcher Raashid Bhatt has detailed how to bust the security protections of the Zeus banking trojan allowing him to take a webcam photo of the scammer.

Bhatt (@raashidbhatt) wrote in a technical blog how he reverse-engineered the malware after a scammer attempted to foist the malware on him through a phishing scam claiming that "a person from your office was found dead outside" directing him to open a malicious attachment to verify the victim's identity.

Researchers have discovered a new Zeus variant that packs fewer malicious tricks, but uses not-to-be-overlooked encryption mechanisms to remain undetected.

Fortinet detailed the variant, dubbed “Lite Zeus,” in Thursday blog post. According to Kan Chen, a junior AV analyst with Fortinet's FortiGuard Labs, the malware is distinct from other versions of Zeus, like Gameover, due to its network communication, command-and-control protocol and encryption techniques.

A new wave of spam campaigns are dispensing "Gameover,” the only banking trojan in the Zeus family to use peer-to-peer (P2P) communications to hide its activities.

The threat of the malware has become even more pervasive now that criminals are using Cutwail, the world's largest spam botnet, to deliver malicious emails containing Gameover. The spam is made to look like messages from top U.S. banks, researchers at Dell SecureWorks Counter Threat Unit (CTU) found, with the hopes of luring users into clicking attached PDF files.

Microsoft has named two of the 39 defendants it is suing for their alleged role in operating the Zeus botnet.

According to an amended civil complaint filed last week in U.S. District Court in Brooklyn, Microsoft named Yevhen Kulibaba and Yuriy Konovalenko as defendants. The other defendants remain listed as "John Does."

Considering Anonymous’ disparate nature, and no central authority calling the shots, it’s a surprise this group has not turned on each other already. Antivirus firm Symantec reports that associates of the group are finding themselves victims of denial-of-service software that has been infected by a Trojan horse.

A new worm spreading on Facebook is aiming to infect users with the data-stealing trojan Zeus, security researchers have warned.

The worm uses stolen Facebook account details to log in to users' accounts and spam their contacts, according to researchers at Danish security firm CSIS, which first identified the threat.