Zeus Trojan – Online Password Stealing Tool Getting More Potent
Zeus Trojan is one of the deadliest trojan, which is aimed to steal your passwords to the finance related websites and institutions. It directly affects your privacy and personal security and can potentially cause huge monetory losses to the victims.
And the worst part of the story is that it is still capable of fooling around most of the security software and remain in disguise in your system, even if you have some of the most sophisticated and updated versions of the Antivirus suites installed in your computer.
There have been several versions of Zeus Virus released, the last being Zeus 3. Earlier Zeus 2 had caused havoc to the security of the computer users all over the world. In its latest release, it is learnt that Zeus Trojan has now acquired the capabilities to break into users’ bank accounts in spite of two-factor authentication systems.
What is Two-factor authentication
Two-factor authentication means using any independent two of these authentication methods (e.g. password + value from physical token) to increase the assurance that the bearer has been authorized to access secure systems. The owner of secure data or the operator of such secure systems is implementing two-factor authentication for laptops first because of the inherent security risks in mobile computers, to make it more difficult for unauthorized persons to use a “found” laptop to access secure data or systems.
With mobile phones or smart phones, the quality of the problem does not change: A lost or left phone shall not be activated to enable the finder for unauthorized access to secure data or system. Multi-factor authentication hence means two or more of the authentication factor required for being authenticated.
In a recent blog post, the noted security vendor Trend Micro has observed…
The technique behind these attacks is simple. A ZBOT variant modifies target bank sites in such a way that whenever the bank asks for an authentication code to be sent to the mobile phone or not, the user is prompted to enter that phone’s number first. The user then receives a text message containing a link to a rogue Symbian application.
This piece of mobile malware, once installed, intercepts all text messages from the specific senders (e.g., banks) and forwards them to a separate number under the control of the attacker. Because the attacker has both the victim’s user name, password, and any authentication code sent over the mobile phone, he/she can conduct malicious business as if the two-factor authentication never took place.