Any Word on Zeus?
Earlier this year, the <a href="http://krebsonsecurity.com/2010/02/zeus-attack-spoofs-nsa-targets-gov-and-mil/">Zeus</a> banking Trojan infected hundreds of computers within the federal government leaving experts no choice but to prepare for a mass attack. The then e-mail campaign was designed to steal passwords, but at the time was only sent to government and military e-mail addresses.
Earlier this year, the Zeus banking Trojan infected hundreds of computers within the federal government leaving experts no choice but to prepare for a mass attack. The then e-mail campaign was designed to steal passwords, but at the time was only sent to government and military e-mail addresses.
Six months after the first attack, experts wonder if Zeus is still growing. By all accounts, the Trojan has continued to evolve and now targets the credentials of some financial institutions. But there haven't been any mass attacks. Still, it might behoove businesses to take precautionary measures.
Those that have been recommended include limiting administration rights to select users, having a PC only for financial banking and the like, stay current on all patches, and utilize antimalware/whitelisting technology. No technical solution will protect you from Zeus completely, but you should always be on the lookout for new technical tools as well as talking with your financial institution about its protections. It's also important to document any suspicious e-mails that can be used in forensic examinations. If you do get victimized, there might still be a way to ensure your attacker is held accountable.
NEXT STORY: More on Cyberwar