Information Security News mailing list archives

Zeus banking malware hides a crucial file in a photo


From: InfoSec News <alerts () infosecnews org>
Date: Wed, 19 Feb 2014 08:53:34 +0000 (UTC)

http://www.computerworld.com/s/article/9246405/Zeus_banking_malware_hides_a_crucial_file_in_a_photo

By Jeremy Kirk
IDG News Service
February 18, 2014

A newly discovered variant of the notorious Zeus banking trojan is disguising a crucial configuration code in a digital photo, a technique known as steganography.

Zeus is one of the most effective tools to steal online banking details, hijacking login details as a person accesses his account and masking secret transfers in the background.

The variant, called ZeusVM, downloads a configuration file that contains the domains of banks that the malware is instructed to intervene in during a transaction, wrote Jerome Segura, a senior security researcher with Malwarebytes. He wrote the behavior was first noticed by a French security researcher who writes under the name Xylitol.

"The malware was retrieving a JPG image hosted on the same server as were other malware components," Segura wrote.

[...]



--
Subscribe to InfoSec News
http://www.infosecnews.org/subscribe-to-infosec-news/

