Information Security News mailing list archives
Zeus banking malware hides a crucial file in a photo
From: InfoSec News <alerts () infosecnews org>
Date: Wed, 19 Feb 2014 08:53:34 +0000 (UTC)
http://www.computerworld.com/s/article/9246405/Zeus_banking_malware_hides_a_crucial_file_in_a_photo By Jeremy Kirk IDG News Service February 18, 2014A newly discovered variant of the notorious Zeus banking trojan is disguising a crucial configuration code in a digital photo, a technique known as steganography.
Zeus is one of the most effective tools to steal online banking details, hijacking login details as a person accesses his account and masking secret transfers in the background.
The variant, called ZeusVM, downloads a configuration file that contains the domains of banks that the malware is instructed to intervene in during a transaction, wrote Jerome Segura, a senior security researcher with Malwarebytes. He wrote the behavior was first noticed by a French security researcher who writes under the name Xylitol.
"The malware was retrieving a JPG image hosted on the same server as were other malware components," Segura wrote.
[...] -- Subscribe to InfoSec News http://www.infosecnews.org/subscribe-to-infosec-news/
Current thread:
- Zeus banking malware hides a crucial file in a photo InfoSec News (Feb 19)