Large Zeus Botnet Used For Financial Fraud
An anonymous reader writes "A large Zeus version 2 botnet is being used to conduct financial fraud in the UK and is operated from Eastern Europe. The botnet appears to be controlling more than 100,000 infected computers. The criminals have been harvesting all manner of potentially lucrative and revenue-producing credentials — including online account IDs plus login information to banks, credit and debit card numbers, account types plus balances, bank statements, browser cookies, client side certificates, login information for email accounts and social networks, and even FTP passwords."
login information to banks, credit and debit card numbers, account types plus balances, bank statements, browser cookies, client side certificates, login information for email accounts and social networks and even FTP passwords
I was not mad right up until that last one and even FTP passwords. They can have all that other crap but when they take my precious FTP password, and I use FTP for all my most critical-to-security internet functions, well...war on buddy.
Breaking News: Another XXl botnet steals bank account numbers. However, the acquisition of emails and Facebook accounts is worrying.
Zeus version 2
So, like a good little early adopter, I upgraded and installed version 2 on my machine only to find that it was a huge bloated piece of crap. The original Zeus was so much more simple and elegant and now this thing is just chewing up cycles. Yeah, like the customer won't notice that. Seriously, all I wanted it to do was safely back up my bank statements to a remote server in case I lose them. And after the "Zeus Certified" debacle, I don't know who to believe when I ask "Will this computer run the simplest of viruses like Adobe PDF Reader?" Clearly Zeus is just a resource hog ... and looking forward at Version 3 (if it's even released on time) one wonders if they're even trying to build a quality botnet anymore. It's times like these that make you wonder if it's time to switch over to Mariposa ...
Is this thing limited to Redmond Operating Systems?
Botnet herders have access to a very large number of computers; it was only a matter of time until they realized that the data on these computers is worth far more than the few pence they are making from Viagra spam and blackmailing gambling sites with DDoS attacks.
One detail in the report struck me: the claim that they capture all web traffic and store it in an SQL server w/ a search frontend at CNC. This is evidently unfeasible, they would have to filter out only data posted into forms and the like. It would have been helpful had the report told about what "shape" this data took, what kind of auth mechanisms were leeched from. They had no whitepaper/analysis on their website, but there was this OS distribution pie chart: http://www.trusteer.com/sites/default/files/ZeusbotnetOSstats.jpg
Still, imagine having a line into that kind of setup, on a pay per-password-search basis.
Emotions! In your brain!
How do the criminals process all the information and filter out the valid ones?
Considering all these weird captchas on the login pages, I don't think it's possible to check every collected bank account automatically, and doing that manually would be too tiring.
Eastern Europe? What the fuck is this "Eastern Europe"? Have you ever been to the "Western Europe?" You are one fucking asshole, dweeb !!
why delete/obscure this perfectly good/topical post(mortem), attached to the space station repair article? we're talking quick fix for all difficulties now, right?
creators to repair planet/atmosphere. population? (Score:?0?)
by Anonymous Coward on Wednesday August 04, @06:21AM (#33135678)
save for the rescue of several billion innocents, everything else will be 'different'. it's all in the manuals. see you there?
meanwhile (hard to know how long); the corepirate nazi illuminati is always hunting that patch of red on almost everyones' neck. if they cannot find yours (greed, fear ego etc...) then you can go starve. that's their (slippery/slimy) 'platform' now. see also: http://en.wikipedia.org/wiki/Antisocial_personality_disorder
never a better time to consult with/trust in our creators. the lights are coming up rapidly all over now. see you there?
greed, fear & ego (in any order) are unprecedented evile's primary weapons. those, along with deception & coercion, helps most of us remain (unwittingly?) dependent on its' life0cidal hired goons' agenda. most of our dwindling resources are being squandered on the 'wars', & continuation of the billionerrors stock markup FraUD/pyramid schemes. nobody ever mentions the real long term costs of those debacles in both life & any notion of prosperity for us, or our children. not to mention the abuse of the consciences of those of us who still have one, & the terminal damage to our atmosphere (see also: manufactured 'weather', hot etc...). see you on the other side of it? the lights are coming up all over now. the fairytail is winding down now. let your conscience be your guide. you can be more helpful than you might have imagined. we now have some choices. meanwhile; don't forget to get a little more oxygen on your brain, & look up in the sky from time to time, starting early in the day. there's lots going on up there.
"The current rate of extinction is around 10 to 100 times the usual background level, and has been elevated above the background level since the Pleistocene. The current extinction rate is more rapid than in any other extinction event in earth history, and 50% of species could be extinct by the end of this century. While the role of humans is unclear in the longer-term extinction pattern, it is clear that factors such as deforestation, habitat destruction, hunting, the introduction of non-native species, pollution and climate change have reduced biodiversity profoundly.' (wiki)
"I think the bottom line is, what kind of a world do you want to leave for your children," Andrew Smith, a professor in the Arizona State University School of Life Sciences, said in a telephone interview. "How impoverished we would be if we lost 25 percent of the world's mammals," said Smith, one of more than 100 co-authors of the report. "Within our lifetime hundreds of species could be lost as a result of our own actions, a frightening sign of what is happening to the ecosystems where they live," added Julia Marton-Lefevre, IUCN director general. "We must now set clear targets for the future to reverse this trend to ensure that our enduring legacy is not to wipe out many of our closest relatives."--
"The wealth of the universe is for me. Every thing is explicable and practical for me .... I am defeated all the time; yet to victory I am born." --emerson
no need to confuse 'religion' with being a spiritual being. our soul purpose here is to care for one another. failing that, we're simply passing through (excess baggage) being distracted/consumed by the guaranteed to fail illusionary trappings of man'kind'. & recently (about 10,000 years ago) it was determined that hoarding & excess by a few, resulted in negative consequences for all.
consult with/trust in your creators. providing more than enough of everything for everyone (without any distracting/spiritdead personal gain motives), whilst badtolling unprecedented evile, using an unlimited supply of newclear power, since/until fore
Hmm maybe we should go back to phone banking. It's not like phones can be easily hacked to sniff passwords.
Oh wait, I forgot, we aren't in the 1980s any more. Nevermind.
I think I'll do my business in person now. I'll just have to make sure the Russian Mafia doesn't set up a look-alike storefront down the street that looks like my bank's latest branch office.
Sigh.
Well, at least I know my currency is real.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Mariposa is just as bloated - if not more so.
not only that, it's less secure because it doesn't have a "benevolent dictator" calling the shots design-wise.
i'm running Conficker and it's been working like a charm. granted, its market share is not that great, and as long as you hold the mouse the right way, it "just works".
honestly, i think this will be the year of the Conficker. Mariposa and Zeus are just too behind the curve.
Really? Botnet used for financial gain, just like every other botnet in the past decade?
I'm flabbergasted!
I do all my banking at an internet cafe
For justice, we must go to Don Corleone
Is that really large nowadays?
(-1: Post disagrees with my already-settled worldview) is not a valid mod option.
If you want Linux, Ubuntu, and the rest of the free OS's to stay superior and exploit-free, then why on earth would you ever want mainstream acceptance of said OS's? Wouldn't Linux et al. going mainstream and replacing Windows/OSX mean that the botnets (and their owners) and scriptkiddies would then change their tactics to exploit whatever's currently dominant in market share?
If I were you, I'd be praying to the FSM for Windows/MS to stay dominant forever, just so that you could continue to use Linux without fear of someone writing script specifically to target YOUR OS's weaknesses. But that's just me
Here's to hot beer, cold women, and Glaswegian kisses for all.
I keep my Financial Password Protocol password written down on a piece of paper, locked securely in a safe-deposit box in one of Warsaw's larger banks.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Bankaccount details, ID details, I don't care about.
But even FTP passwords?
Given that virtually every botnet seems to originate in Eastern Europe, I can only assume that neck of the woods is now an endless tableau of McMansions, world-class prostitutes, and Mercedes dealerships.
I'm sick and tired of all these Conficker fanboys. You sit and talk about your botnet being so great because its open source, and you can expose your information to any malicious actions you choose, big deal! I'll take my Mariposa walled garden any day, at least I know that I can give up my SSN, mother's maiden name, and current home address and I know it will "Just Work" when it comes to stealing my data.
We are fucking scoundrels, thieves, and third-world scum of the earth. Donchano? We are EASTERN EUROPEONS! I surely take from you for it longs to be mine. Thank you for your support!
they want their botnet ideas back.