Security Lessons In Zeus Botnet Raid On UK Bank Accounts
Tom Kelchner, 12/08/2010, posted in "Analysis"
Tom Kelchner is Research Center Manager at Sunbelt Software. Tom is a communications professional with extensive background in computer security, anti-virus application testing and computer virus analysis. He is a former daily newspaper reporter and deputy press secretary to the governor of Pennsylvania.
The well-read UK security news site The Register is carrying a story detailing how the operators of the Zeus botnet planted their sophisticated malware on thousands of UK bank customers’ computers, stole log-in information, then raided the accounts for more than $1 million with the help of money mules.
Bradley Anstis, vice president of technical strategy for M86 Security, which discovered the attack several weeks ago, told The Register that his company is providing information to the bank involved as well as law enforcement officials.
He said M86 identified the botnet’s command and control server, hosted in Moldova, and downloaded log files from it.
“It also found that the exploit pack used to seed the attack had claimed a much larger number of victims – as many as 300,000 machines. The vast majority were Windows boxes, but 4,000 Mac machines were also hit.
“The logs also revealed that 3,000 online banking accounts had been victimised between 5 July and 4 August alone,” The Register said.
This should be the big wake-up call for Mac users: it’s time to run an anti-virus application and firewall.
We’re NOT going to get into the ever-raging fight about the intrinsic security of Macs vs. Windows. Banking Trojans like the one responsible for this million-dollar rip-off are operating-system neutral. They get installed when the person USING the machine gets socially engineered into running an installer. Mac OS will not protect users from themselves, or from these highly sophisticated and ever-evolving schemes that snatch bank login information.
Bank customers might consider the following:
- Install an anti-virus application and firewall on your machine (Macs too) and keep them updated.
- Small businesses might consider having a machine dedicated to banking transactions that is NOT used for routine email or web browsing. Access to the machine should be limited to employees who need to interact with the bank account.
- If your banking transactions are fairly simple, use your bank’s phone-banking system (if one is available) to do your banking.