Skip Tags

Popular Tags

Decorative icon

The Resource Center Online Security Issues & Protection | post

The infamous Zeus malware virus is back and it threatens your bank account

by Steve Schwartz on

The Zeus virus (ZBOT) is back, especially in the U.S. and Canada, and this is not good news for many computer users.

First detected in 2007 Zeus had an initial run of about a year, then  it seemed to go dormant But still it has still infected millions of computers over the past six years. Now, according to computer security experts, it's back, and with a vengeance, in a new and improved version.

This virus is especially insidious. Following the initial infection of a computer Zeus lays dormant doing nothing, until you access an online banking site. Then depending on the version that has infected your computer, a keylogging feature will steal your username and passwords and forward them to the fraudster who has put the infection on your computer. If this happens, say goodbye to your bank balance.

Sometimes the Zeus virus is able to instantly replicate your bank's website - which you think you have logged onto, and using a set of seemingly innocent questions, attempts to steal other personal data beyond your user name and password.

(This is obviously a strong indicator for "two step authenticating" for accessing your banking site.)

Even worse, new versions of the Zeus trojan can contact a command-and-control (C&C) server and makes itself available to perform additional functions. This allows a remote attacker to command the Trojan to download and execute further files, shutdown or reboot the computer, or even delete system files, rendering the computer unusable without reinstalling the operating system.

Traditionally, the malware has been spread by email. The potential victim will receive an email purporting to be from a bank, the FDIC, IRS, MySpace, Facebook or another social media site. The email warns of a problem with their online account and requests the recipient click on a link to go to a (bogus) site to correct the problem. This time around, however, the scammers seem to be using bogus Facebook pages to infect computers. One bogus that has been found by security experts is "Bring the N.F.L to Los Angeles." You "friend" one of these bogus pages and the malware virus is immediately downloaded to your computer.

Obviously this is a problem if your kids use the family computer to log onto their Facebook accounts. They may never visit a banking site, but if the family computer is infected, or the virus is passed through a home network, you are in trouble.

You need to make sure you are using a anti-virus software that has strong anti-malware protection. If so it will look at any downloads and the most popular programs - if kept completely current - will prevent the virus from being downloaded. If you suspect your computer might be infected, you can download free programs from most of the big anti-virus software providers that will search your computer for the virus and kill it.