“All-in-one”Zeus Trojan package for sale
RSA, The Security Division of EMC, today released the highlights from its online fraud report for April 2008. Please see media alert below for more details
Media Alert: RSA AFCC detects “All-in-one”Zeus Trojan package for sale
Auckland, New Zealand, May 15, 2008 – RSA, The Security Division of EMC, today released highlights from its online fraud report for April 2008.
The RSA Anti-Fraud Command Centre (AFCC) reported on the continual spread of phishing in the APAC region highlighting that New Zealand and Australia have now appeared in the regional breakdown of attacked global banking brands for two consecutive months. The recent rise in attacks could be attributed to the growing number of Fast-Flux domains and phishing attacks reportedly hosted specifically in Tokelau, New Zealand. April was the first time that Tokelau appeared in the regional breakdown of attacked global banking brands.
Another contributing factor could be that fraudsters in the underground are now offering access to an “all-in-one” solution – a bullet-proof hosting server with a built-in Zeus Trojan administration panel and infection tools.
The AFCC has noted that fraudsters can now rent a service that provides them with a ready-made Zeus attack infrastructure. With all of the required stages in a single package, fraudsters now need only pay for the service, access the newly-hired Zeus Trojan server, create infection points and start collecting data. Those who have installed the Zeus administration panel on their servers are also offered advanced “exploit packages” that facilitate Zeus infections. The exploit package allows fraudsters to easily infect users and grow a Botnet of compromised machines. Thus, an entire Zeus attack comes alive, using a single service package that fraudsters can buy online.
# # #
RSA, The Security Division of EMC, is the premier provider of security solutions for business acceleration, helping the world's leading organisations succeed by solving their most complex and sensitive security challenges. RSA's information-centric approach to security guards the integrity and confidentiality of information throughout its lifecycle - no matter where it moves, who accesses it or how it is used.
RSA offers industry-leading solutions in identity assurance & access control, encryption & key management, compliance & security information management and fraud protection. These solutions bring trust to millions of user identities, the transactions that they perform, and the data that is generated. For more information, please visit www.RSA.com and www.EMC.com.
About the Zeus Trojan
The Zeus Trojan is considered the latest step in the evolution of a family of financial crimeware that began with the notorious Limbo Trojan. Limbo, and its successor Zeus,
are designed to perform advanced key logging when infected users access specific web pages, including pages which are protected by SSL protocols. Zeus is also equipped with impressive self-protection mechanisms and encryption: Zeus’ entire communication is encrypted, and the information it collects is encrypted when it is sent to the drop point.