- Joined
- Jan 28, 2007
- Messages
- 2,239
- Reaction score
- 306
Zeus Botnet Targeting Retailer Credit Cards
Zeus Botnet Targeting Retailer Credit Cards -- Malware Attack -- InformationWeek
That warning was issued on Wednesday by Amit Klein, CTO of data security firm Trusteer. "Our research group recently discovered a Zeus botnet that is targeting credit card accounts of major U.S. retailers including Macy's and Nordstrom just as the holiday gift buying season is in full swing," he said in a blog post.
Consentry's NAC Host Assessment is fairly rudimentary Klein said the new capabilities are built into Zeus 2.1.0.8 -- the latest version -- and appear designed to steal people's credit card details so criminals can conduct "card not present" (CNP) transactions. Merchants must typically foot the bill for any CNP fraud that occurs on their cards, thus many have invested substantial resources into detecting fraudulent transactions.
Accordingly, the Zeus malware now takes additional steps to circumvent anti-fraud measures. "The attack we discovered uses social engineering to gather additional information beyond the credit card number that will make it easier for the criminal to bypass fraud detection measures used to investigate suspicious transactions," said Klein.
Learn how to analyze more data in less time so you can make better trading and risk management decisions
Risk Management Systems – Flaws, Fixes and Future Plans
In particular, Zeus can inject a seemingly legitimate "man-in-the-middle pop-up," he said, which requests the user's credit card number -- for Macy's or Nordstrom, as appropriate -- as well as card expiration date, CVV security code, social security number, mother's maiden name, and date of birth. After entering the information, users hit a button that says "verify." Of course, nothing is being verified; the information is being recorded by Zeus and funneled to the criminals behind this operation.
This latest attack highlights the challenge faced by merchants, as well as security firms, of trying to keep pace with rapidly evolving financial malware. Indeed, the emergence of inexpensive financial malware such as Zeus -- apparently available for as little as $3,000 on the black market, though customizing it with other capabilities can easily add another $10,000 -- means that criminals without computer expertise now have access to cheap botnets and automated attack toolkits.
Interestingly, the new capabilities come in the wake of October's reported announcement that the creator of Zeus, feeling the heat, was going to retire. Security experts say they're not holding their breath.
InformationWeek Analytics is conducting a survey to determine the satisfaction with vendors of Web security gateways. Take the survey now and be eligible to win an iPad. Survey ends Dec. 10.
Zeus Botnet Targeting Retailer Credit Cards -- Malware Attack -- InformationWeek
That warning was issued on Wednesday by Amit Klein, CTO of data security firm Trusteer. "Our research group recently discovered a Zeus botnet that is targeting credit card accounts of major U.S. retailers including Macy's and Nordstrom just as the holiday gift buying season is in full swing," he said in a blog post.
Consentry's NAC Host Assessment is fairly rudimentary Klein said the new capabilities are built into Zeus 2.1.0.8 -- the latest version -- and appear designed to steal people's credit card details so criminals can conduct "card not present" (CNP) transactions. Merchants must typically foot the bill for any CNP fraud that occurs on their cards, thus many have invested substantial resources into detecting fraudulent transactions.
Accordingly, the Zeus malware now takes additional steps to circumvent anti-fraud measures. "The attack we discovered uses social engineering to gather additional information beyond the credit card number that will make it easier for the criminal to bypass fraud detection measures used to investigate suspicious transactions," said Klein.
Learn how to analyze more data in less time so you can make better trading and risk management decisions
Risk Management Systems – Flaws, Fixes and Future Plans
In particular, Zeus can inject a seemingly legitimate "man-in-the-middle pop-up," he said, which requests the user's credit card number -- for Macy's or Nordstrom, as appropriate -- as well as card expiration date, CVV security code, social security number, mother's maiden name, and date of birth. After entering the information, users hit a button that says "verify." Of course, nothing is being verified; the information is being recorded by Zeus and funneled to the criminals behind this operation.
This latest attack highlights the challenge faced by merchants, as well as security firms, of trying to keep pace with rapidly evolving financial malware. Indeed, the emergence of inexpensive financial malware such as Zeus -- apparently available for as little as $3,000 on the black market, though customizing it with other capabilities can easily add another $10,000 -- means that criminals without computer expertise now have access to cheap botnets and automated attack toolkits.
Interestingly, the new capabilities come in the wake of October's reported announcement that the creator of Zeus, feeling the heat, was going to retire. Security experts say they're not holding their breath.
InformationWeek Analytics is conducting a survey to determine the satisfaction with vendors of Web security gateways. Take the survey now and be eligible to win an iPad. Survey ends Dec. 10.
