Zeus spoofs Visa, MasterCard security programs

Bank Trojan injects fake enrollment screens during online banking sessions to trick users into divulging sensitive data.

The Zeus Trojan is using a new tactic to fool users by exploiting the Verified by Visa and MasterCard SecureCode security programs, researchers at online security provider Trusteer Inc. said.

When users of machines infected with Zeus start up an online banking session, the bank Trojan injects a fake enrollment screen for one of the security programs and prompts users to input their Social Security number, credit or debit card number, expiration date, and PIN or CSV code, according to New York-based Trusteer.

In the scheme, users are told that new FDIC rules require that they enroll in the Verified by Visa/MasterCard SecureCode program to protect their accounts.

Criminals use the data collected by Zeus to commit fraudulent transactions with retailers that use the payment card security programs, Trusteer said. The company, which supplies a browser security plug-in, discovered the new Zeus scheme through its Flashlight computer forensic service.

The Zeus Trojan, also called Zbot, has been used extensively by criminals in online banking heists, mostly against small and midsize businesses, nonprofits and municipalities.

Dig deeper on Emerging security threats and attacks

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchSecurity

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

ComputerWeekly

Close