Large Zeus Botnet Used For Financial Fraud
An anonymous reader writes "A large Zeus version 2 botnet is being used to conduct financial fraud in the UK and is operated from Eastern Europe. The botnet appears to be controlling more than 100,000 infected computers. The criminals have been harvesting all manner of potentially lucrative and revenue-producing credentials — including online account IDs plus login information to banks, credit and debit card numbers, account types plus balances, bank statements, browser cookies, client side certificates, login information for email accounts and social networks, and even FTP passwords."
login information to banks, credit and debit card numbers, account types plus balances, bank statements, browser cookies, client side certificates, login information for email accounts and social networks and even FTP passwords
I was not mad right up until that last one and even FTP passwords. They can have all that other crap but when they take my precious FTP password, and I use FTP for all my most critical-to-security internet functions, well...war on buddy.
Breaking News: Another XXL botnet steals bank account numbers. However, the acquisition of emails and Facebook accounts is worrying.
Zeus version 2
So, like a good little early adopter, I upgraded and installed version 2 on my machine only to find that it was a huge bloated piece of crap. The original Zeus was so much more simple and elegant and now this thing is just chewing up cycles. Yeah, like the customer won't notice that. Seriously, all I wanted it to do was safely back up my bank statements to a remote server in case I lose them. And after the "Zeus Certified" debacle, I don't know who to believe when I ask "Will this computer run the simplest of viruses like Adobe PDF Reader?" Clearly Zeus is just a resource hog ... and looking forward at Version 3 (if it's even released on time) one wonders if they're even trying to build a quality botnet anymore. It's times like these that make you wonder if it's time to switch over to Mariposa ...
Botnet herders have access to a very large number of computers; it was only a matter of time until they realized that the data on these computers is worth far more than the few pence they are making from Viagra spam and blackmailing gambling sites with DDoS attacks.
Hmm maybe we should go back to phone banking. It's not like phones can be easily hacked to sniff passwords.
Oh wait, I forgot, we aren't in the 1980s any more. Never mind.
I think I'll do my business in person now. I'll just have to make sure the Russian Mafia doesn't set up a look-alike storefront down the street that looks like my bank's latest branch office.
Sigh.
Well, at least I know my currency is real.
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
Mariposa is just as bloated - if not more so.
Not only that, it's less secure because it doesn't have a "benevolent dictator" calling the shots design-wise.
I'm running Conficker and it's been working like a charm. Granted, its market share is not that great, and as long as you hold the mouse the right way, it "just works".
Honestly, I think this will be the year of the Conficker. Mariposa and Zeus are just too behind the curve.
Anyone doing that would be liable ten ways till Sunday. Anyone doing that to several banks would be called "A one-man super-hacker ring bent on destroying the western economic system."
Emotions! In your brain!
I do all my banking at an internet cafe
For justice, we must go to Don Corleone
It seems clear to my personal experience, and friends of mine who are in computer security, that OS X and Linux are orders of magnitude more secure than Windows.
While I'm sure OS X and Linux can be exploited, I think we'd all be far safer if they were adopted to anywhere near the ubiquity of Windows. And who knows? That may be soon, if Google apps and other productivity software is available for free or cheap as compared to Windows, and its current lock on business drone software.
The Invisible Hand of the Free Market is what punches workers in the nuts.
I'm sick and tired of all these Conficker fanboys. You sit and talk about your botnet being so great because it's open source, and you can expose your information to any malicious actions you choose, big deal! I'll take my Mariposa walled garden any day, at least I know that I can give up my SSN, mother's maiden name, and current home address and I know it will "Just Work" when it comes to stealing my data.