Zeus isn’t just the ruler of Mount Olympia, for now Zeus is also atop the botnet world.
As I mentioned in my previous blog, the Zeus family of malware is currently the number one botnet online. According to a recent article, “Zeus Trojan moving past anti-virus protections”, this particular type of malware, which targets bank-related information, has infected 3.6 million PC’s in the United States alone. What makes this malicious code so successful is its ability to bypass even the latest anti-virus software without even knowing it. Once a system is infected, the code waits until the unsuspecting user accesses a predefined banking URL in the code. When one of those sites is accessed, the login information is sent back to the criminals. Even more, the malware can also modify a legitimate web page from a bank’s server to ask for personal information such as a payment card number, passwords, and so on.
What’s so disconcerting is that even the most up-to-date AV programs lack the ability to effectively block Zeus malware.
The story goes on to say that in raw data recently collected from 10,000 users over the course of one day, even up-to-date AV software were only effective at blocking Zeus infections 23% of the time. If this trend continues, that’s seriously bad news for customers and banks, alike not to mention the business community at large. You can only imagine how fast those numbers drop with computers or systems that either lack adequate AV protection or are running out-of-date security programs.
The bottom line is this – both consumers and businesses must take proactive steps if they expect to protect their systems from the latest forms of malware variants. Adding another layer of protection such as application whitelisting is a step in the right direction to help block unapproved code intended to steal login information and access their bank accounts in front of their very eyes.