Industry News

Zeus Malware Grabs Your Money via Facebook, Gmail

A new variant of the notorious Zeus malware is targeting Facebook and Gmail. The fresh scam asks unwary users to “link” their credit card information with either Facebook or Google and transform these accounts into digital wallets.

Whenever the user tries to bring up Facebook or Gmail from an infected PC, they are presented with the genuine service login page, but, in the background, Zeus injects its code in the login form to also request credit card information.

The attack is extremely convincing as the browser shows the URL of the real login service. It also offers a good explanation as to why the user is asked to enter credit-card info: Facebook users are told they can directly buy Facebook credits after they link the credit-card to the account, while Gmail users are told they can use Gmail as a “digital wallet” and pay by simply entering their e-mail address.

“Pages include the branding and messaging typical to each of the industries the cybercriminals are targeting. They are even personalized with the victim’s name,” said Andreas Baumhof, the CTO of ThreatMetrix, a company specialized in fraud prevention. “To protect users and customers, all of these industries must realize how sophisticated today’s cybercriminals are and take proper steps to prevent these attacks.”

Just like any strain of Zeus, the malware can manipulate the way the bank reports account balances so victims are unaware that money has been moved out of the account.

About the author

Bogdan BOTEZATU

Bogdan Botezatu is living his second childhood at Bitdefender as senior e-threat analyst. When he is not documenting sophisticated strains of malware or writing removal tools, he teaches extreme sports such as surfing the web without protection or rodeo with wild Trojan horses. He believes that most things in life can be beat with strong heuristics and that antimalware research is like working for a secret agency: you need to stay focused at all times, but you get all the glory when you catch the bad guys.

3 Comments

Click here to post a comment