Number: IRCNE2014122403
Date: 2014/12/20
According to “zdnet”, Kaspersky has discovered a fresh ZeuS malware strain which has targeted financial institutions worldwide.
The company says the banking trojan's latest form has targeted a total of 150 different banks and 20 payment systems worldwide; focusing on the infiltration of online banking. In total, 15 countries have been attacked, including the United Kingdom, United States, Spain, Russia, Japan and Italy.
The security firm dubbed the new ZeuS strain Trojan-Banker.Win32.Chthonic, and reported its findings in a blog post Thursday.
ZeuS is a nasty form of malware which has been tailored for different cyberattacks. Banks have been a major target of the malicious code, but ZeuS has also been discovered in phishing campaigns and attacks focused on Salesforce.com accounts.
Chthonic, which impacts Windows machines, has been discovered in emails containing exploits hidden within RTF documents. Once the document is opened, the malware is downloaded to victim machines using the Andromeda bot, which then injects code into the msiexec.exe process.
Now the victim's computer is compromised, criminals can connect to the system remotely and force it to carry out fraudulent transactions. If a victim tries to access an online banking system, the malicious code kicks in and intercepts sensitive data including phone numbers, usernames, passwords, PINs and other information -- which is then sent onwards to the hacker.
The ZeuS strain also contains keylogging, microphone hijacking and webcam-spying capabilities.
- 2