Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Sunday, 29 January, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

New Zeus variant includes legitimate digital signature

by The Gurus
April 4, 2014
in Editor's News
Share on FacebookShare on Twitter

A variant of the Zeus banking Trojan was found to use a legitimate digital signature to avoid detection from Web browsers and anti-virus systems.
 
According to a blog by Comodo, this new variant of the banking Trojan combines a legitimate digital signature, malware component and a rootkit. The digital signature assures browsers and anti-virus, but Comodo warned that with this “approval”, businesses are much less likely to take action or will give lower levels of warning. To date, over 200 unique hits for this Zeus variant have been detected.
 
A typical attack using Zeus includes a “Man-the-Browser” (MitB) attack where attackers create a remote session where they can see exactly what the victim is doing and interfere with their actions without their knowledge.
 
Lancope chief technology officer, TK Keanini, said: “Zeus and its family of malware continues to evolve in two dimensions: how it remains hidden and how it remains effective as a keystone in crimeware activities. I continue to be impressed with each phase of its evolution and Zeus with a valid digital certificate is trouble for everyone.
 
“The executable part of Zeus resides on the victim’s machine where the primary detection capabilities are provided by an anti-virus suite. Having the valid certificate means that it will likely go undetected by the anti-virus protection. However since Zeus is a Man-In-The-Browser (MiTB) style of attack, the attacker has completely control over what information they steal as you click and type and more importantly, what you see in your audit trail as the bank statements render to your screen.
 
“I follow Zeus closely mainly because I think it has a tainted past, it is still really effective, and because it’s source code has been released, talented individuals out there keep releasing variant that are more and more sophisticated.”
 
Zeus was originally disrupted in 2012 when a collection of companies led by Microsoft took down command and control servers for the Trojan, which was one of the most prevalent threats at the time.

FacebookTweetLinkedIn
ShareTweetShare
Previous Post

Microsoft to release four patches on XP D-Day

Next Post

Okta talk about how cloud and IAM are meeting

Recent News

Data Privacy Day: Securing your data with a password manager

Data Privacy Day: Securing your data with a password manager

January 27, 2023
#MIWIC2022: Carole Embling, Metro Bank

#MIWIC2022: Carole Embling, Metro Bank

January 26, 2023
Lupovis eliminates false positive security alerts for security analysts and MSSPs

Lupovis eliminates false positive security alerts for security analysts and MSSPs

January 26, 2023
Threat actors launch one malicious attack every minute

Threat actors launch one malicious attack every minute

January 25, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information