Trusteer says TechCrunch Europe’s Zeus trojan infection is the tip of a growing iceberg of site infections and spammed email
ECM Plus – IT security website TechCrunch Europe has served up a Zeus trojan-installer PDF file to its visitors on Monday of this week and, says provider of secure browsing services Trusteer. Apparently, the infection is down to the rising tide of Zeus attacks.
“The bad news about this infection, which lasted several hours on Monday of this week, is that – as security researcher Rik Ferguson says in his blog
(http://bit.ly/bL2Jjx) – just two of 43 IT security applications can detect this malware variant,” he said.
Boodaei, whose company supplied free in-browser security software to a growing number of banks worldwide, says the TechCrunch fiasco is all part of the rising problem of Zeus infections.
The number of users who are infected with Zeus, he says, has increased over the past month due to aggressive distribution attempts made by fraudsters.
The two leading infection routes, he explained, are compromised website that serve up a Zeus infection to visitors and spammed emails that include Zeus as an attachment or link.
And whilst the quantity and hacking quality of these attacks have increased, Trusteer is also seeing a drop in antivirus detection rates for Zeus as this example shows – http://bit.ly/dic6i7.
“Trusteer warned a while ago that the newer version of Zeus is very effective in avoiding detection by IT security software and the increased Zeus infection rates demonstrates this,” he said.
“We estimate that fraud losses due to Zeus specifically are going to triple in 2011 due to the increase in distribution and lack of coverage by antivirus vendors. This latest infection of the TechCrunch Web portal is just the tip of the iceberg,” he added.
“The good news is that, if users of HSBC, Natwest, Santander and other UK banks download a copy of our free Rapport in-browser software, even if they are infected, the software will prevent their e-banking credentials from leaking.”