Zeus malware found with valid digital certificate

What is a Trojan?  A Trojan is a self replicating type of malware program that contains a malicious code that typically causes loss or theft of data and possible system harm.  There is a serious Trojan called “Zeus Banking” it works with a digital signature, rootkit and a data-stealing malware component.  It can come through a web page or an email may appear from Cybercriminals from a major bank. Please be aware if you encounter this Trojan your system will be infected.

“A recently discovered variant of the Zeus banking Trojan was found to use a legitimate digital signature to avoid detection from Web browsers and anti-virus systems.  The variant includes the digital signature, a rootkit and a data-stealing malware component. Malware with a valid digital signature is an extremely dangerous situation.  Zeus is typically distributed through a compromised web page or through a phishing attack in which cybercriminals send email that appear to come from a major bank.  A sample of the latest Zeus variant tried to trick the recipient into executing it by posing as an Internet Explorer document that included an icon similar to the Windows browser. Because the file is digitally signed with a valid certificate, it appears trustworthy at first glance. When executed, the malware downloads the rootkit and a program capable of stealing login credentials, credit card information and other data a person keys into a web form. The rootkit prevents the malicious files from being deleted by either the computer user or AV software.  Zeus malware typically launches a man-in-the-browser attack when a person visits an online banking site. The malware lets hackers create a remote session where they can see what the victim is doing and secretly intercept all data flowing from the activity. For example, if the victim transfers funds on a banking site, the payment information will display as usual, but behind the scenes the hackers will alter the transaction and send the money to another account. Zeus is one of the oldest families of financial malware. Also called Zbot, the malware’s source code was leaked on the Internet in 2011, resulting in a surge of customized versions. Among the more popular Zeus-based Trojans are Citadel and GameOver.” (IT News)

For more information, learn how to avoid this Trojan or need malware removed from your technology devices; please contact Cohen Electronics, LLC at 323-380-5612, info@cohenelectronics.com or visit our website at www.cohenelectronics.com.





Contact Info