Matt Gunn, Managing Editor | TechComply
Multiple reports have surfaced indicating the vicious ZeuS malware is making a comeback, and is targeting small- to medium-sized businesses (SMBs) and personal financial information.
This time, the keylogging Trojan horse and Zbot variants are “reemerging with a vengeance,” writes Jay Yaneza on security software provider TrendMicro’s blog. He tracks activity back to February, with activity spiking in May.
Since the last big waves of ZeuS malware activity a few years ago, the software has been updated, InformationWeek reports:
ZeuS’s second verse is much the same as the first; though technically a new threat, the fundamentals here should all sound familiar. The malware is good at stealing data off of infected machines. Banking credentials are the favorite target. And while ZeuS doesn’t discriminate, smaller companies are especially vulnerable to its fallout.
The trade publication goes on to write that SMBs are particularly vulnerable, in part because they typically have more money than an average individual, and because they don’t often have the same kind of information security protection as a larger corporation. The ZeuS malware deploys a “man in the browser” tactic, logging keystrokes and form entries — most often looking for information related to an individual or business’ bank accounts, such as usernames, passwords and account numbers.
In the latest wave, NBC News points out, people are falling victim to ZeuS through fake links for pages on social sites like Facebook. Someone browsing on a computer can scan a link and see a trusted site name like Facebook in it (but ending with something like a “.tk”), then click on it without realizing it’s a fake. Once the software is on a computer, the average user might not know how to identify and remove it.
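As an added example (not from the article or any of the sources it cites), the Python check below flags the kind of link described above: a trusted name such as Facebook appears in the address, but the site actually belongs to another domain, such as one ending in ".tk". The brand allowlist, the sample links and the last-two-labels rule for finding the registered domain are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Assumed allowlist: brand keyword -> domains that brand really uses.
TRUSTED = {"facebook": {"facebook.com", "fb.com"}}


def registered_domain(host):
    """Approximate the registered domain as the last two labels.

    Simplification: suffixes such as "co.uk" need a public suffix list.
    """
    labels = host.rstrip(".").lower().split(".")
    return ".".join(labels[-2:])


def imitated_brand(url):
    """Return the brand a link imitates, or None if nothing looks wrong."""
    parts = urlsplit(url if "://" in url else "//" + url)
    host = parts.hostname or ""        # excludes any "user@" prefix and port
    authority = parts.netloc.lower()   # includes the "user@" prefix
    domain = registered_domain(host)
    for brand, domains in TRUSTED.items():
        # Brand text shown before the first "/" while the real domain is not
        # the brand's own: the lookalike pattern the article describes.
        if brand in authority and domain not in domains:
            return brand
    return None


def flag_links(urls):
    """Return only the links that imitate a trusted brand."""
    return [u for u in urls if imitated_brand(u)]


# Constructed sample links, not real indicators.
SAMPLES = [
    "https://www.facebook.com/some.page",           # genuine
    "http://facebook.com.photo-view.tk/album",      # brand used as a subdomain
    "http://facebook-login.tk/",                    # brand inside a .tk name
    "http://facebook.com@photos.example.tk/view",   # brand in the user part
    "https://news.example.org/facebook-outage",     # brand only in the path
]

if __name__ == "__main__":
    for link in flag_links(SAMPLES):
        print("suspicious:", link)
```
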
Banks and credit unions can be particularly vulnerable to these types of threats, whether it’s through one of the institution’s machines becoming infected or through a customer’s. Strong policies and best practices in network security and malware prevention can go a long way toward protecting an institution. But as much as an institution works to protect its own computers and networks, it can’t protect the computers of each individual customer.