
Bank Accounts Vulnerable For Victims of ZeuS Trojan Variant 'Gameover'

Posted by timothy
from the fewer-atm-fees-at-least dept.
tsu doh nimh writes "Organized crooks have begun launching debilitating cyber attacks against banks and their customers as part of a smoke screen to prevent victims from noticing simultaneous high-dollar cyber heists, the FBI is warning. The thefts, aided by a custom variant of the ZeuS Trojan called 'Gameover,' are followed by distributed denial of service (DDoS) attacks against banks and the victim customers. The feds say the perpetrators also are wiring some of the money from victim organizations directly to high-end jewelry stores, and then sending money mules to pick up the pricey items."
  • by Baloroth (2370816) on Thursday December 01, 2011 @07:16PM (#38232616)

    I keep all my money in my house! Perfectly safe. No organized crooks gonna steal my money.

  • Seriously? People are /still/ clicking the links in shady emails/downloading files from them? What, is this 1998?
    • by fsckmnky (2505008) on Thursday December 01, 2011 @07:23PM (#38232670)
      Who can resist an important message from Sandra, the topless 3 boobed Nigerian government official charged with distributing $10 million dollars in oil industry windfall profits and free samples of Viagra?
    • Re: (Score:2, Redundant)

      Think about it this way, then it will make perfect sense. Think about how ignorant the average person is, and realize that about 1/2 of the people are even more ignorant than average (for acceptable levels of average).

      So yes, people still are doing stupid stuff on computers.

      • Re: (Score:1, Insightful)

        by Anonymous Coward

        Think about how ignorant people are they can not program their own space shuttle launch and all the surrounding software that goes with it! Geeze anyone should be able to do that. Yet none never bother.

        That is how your post sounds. To *MOST* people computers are just some toy or tool to get things done. Not something they really want to give a crap about.

        • But people do "give a crap about" their money. To imply that parting fools from their money necessitates computers is disingenuous.

        • by Dunbal (464142) *

          No one can program their own space shuttle launch. That's why it takes a team - even for NASA.

          As for YOUR post - if you drive a car you are expected to know a) how an internal combustion engine works and what oil is for and why you should check it once in a while b) whether your car runs on diesel or gasoline/petrol c) how to change a flat tire and d) when to take your car in for service/repairs. If you don't know the preceding, then you really shouldn't be driving a car. Likewise with computers.

          • Car Analogy: "I hear, if you put a cup of sugar in your gas tank, you can get double the miles per gallon you get now"

            I expect that enough people don't know enough about cars that some idiot might WANT to believe such a statement long enough to put sugar in their gas tank, HOPING to get better mileage because they do care about money.

            YES, I do expect people to know about how an ICE works, enough to know that putting sugar in the gas tank is a BAD idea. That is why Social Engineering is the greatest threat to

          • Oh, come off it. Cars are much simpler to maintain and operate than computers. Spotting the square tires that will break my car when I put them on is much much easier than spotting the game with malware embedded in it that will break my computer. The whole point of a computer is to enable me to run multiple third party programs. If every time I wanted to change the dice hanging from my rear view mirror I had to worry about them silently altering my air/fuel injection ratio, then you might have a point.
          • by BranMan (29917)
            - 99% of drivers have no idea how an ICE works (or what that stands for, or even that they have one in their car)
            - 95%+ of drivers don't know anything about oil (and many new cars now have an idiot light to tell you to get it changed)
            - Only one of the nozzles at the gas pump (gas or diesel) will fit in your car. They needed that for a reason.
            - 95% of drivers have never changed a flat, or know how
            - There is an idiot light "I need service" on the dash

            So by your accounting 95%+ of drivers should not be driv
    • Zeus is spread mainly through drive-by downloads and phishing schemes. [wikipedia.org]

      Drive-by downloads have been the primary infection vector for a while now.

      • by Anonymous Coward

        I'm unclear on the term "Drive By Download"...to me it's always meant "Stupid User Clicked Install", I don't mean to be elitist or a jerk, I just want a definition of the phrase

        • by bmo (77928)

          No, "drive by download" means going to google, clicking on a SEO link attached to a malware site, and getting screwed over.

          You're being elitist.

          --
          BMO

          • not to mention ignorant.

            It's always the clever ones who think their 1337 skilz will render them immune to exploits for their out-of-date java plugin.

          • A large attack vector for SEO poisoning is image searches. Unless you're running with NoScript or JS disabled, all you have to do is click on the wrong link in a random image search result, and the rest happens in the background. While you're sitting there looking at images of Martin Luther King, Jr. (and wondering why there's a photo of chocolate cake on the page as well, and one of some puppies), a multi-exploit probe script starts up in the background, quickly figures out what OS, browser and general environment you're using (think malware author's version of 'make'), and then downloads and executes an exploit path custom to your configuration.

            Of course, the term "drive-by download" does also include the FakeAV stuff that automatically downloads and sits in your download folder, waiting for you to say, "hey, what's this zipfile doing in here with the 'reallysuperantivirus.exe' inside? I guess I should run it to find out!"

        • by DeadCatX2 (950953) on Thursday December 01, 2011 @08:23PM (#38233138) Journal

          One day, I was browsing Google Image Search, looking to identify an ambiguous connector. (it ended up being a connector from JST)

          Suddenly, I'm greeted with a UAC prompt. Having done nothing to instigate a UAC prompt, I immediately killed firefox. Nonetheless, there was a rogue process on my machine that was attempting to gain root access by desperately popping up anti-virus messages. Being an intelligent user, I discovered what process was responsible and promptly killed and deleted the offending binary from my machine.

          I never even clicked anything.

        • by anubi (640541)
          I noticed you posted as AC. I do not like to say what I need to say in cases like this, as I do not like hurt feelings.

          You are average. You are not a computer "nerd" and are uninformed on the workings of errant programmers.

          Programmers with malicious intent prey on people like you.

          You could have googled "drive-by download" [google.com] in less time than it took to post, and got lots of answers.

          You didn't.

          You wanted someone else to do it for you.

          Well, that makes sense in a way.

          In the busines
          • Too many people confuse the right to privacy with the right of anonymity. Personal information on people existed prior to the Internet and IP addresses. Things like phone books, marriage records, birth certificates, home/auto loans, and property deeds which can be obtained at any local government that keeps track of property taxes. Utility bills, drivers licenses, education records, insurance policies, and bank records have been available easily with or without any subpoena for over the past 50+ years. Earn
          • by Stan92057 (737634)
            "You could have googled "drive-by download" [google.com] in less time than it took to post, and got lots of answers." 99.9% of the true geeks in the world would have done just that but the rest of us social beings like asking other people questions. There's 1000s of things I could just have used Google for, but where's the fun in that? What use would Slashdot be if everyone just "Google it"? Assumption is the mother of all fuck ups. You assume he's lazy when in fact he's just being social.
  • Could this be related to the recent news about Anonymous [slashdot.org]?
  • Why is it that every time I see a 'security' oriented blog, it is running on Wordpress?
  • Didn't we just have an article about Anonymous threatening banks?

  • What is the world coming to nowadays? Why are these crooks looking for holes in the computer servers and steal money? Why can't they steal the money honestly by buying the congress critters and passing legislation that forks over 7.1 trillion dollars? When will these crooks realize the Return on Investment for putting money in campaign contribution is like one million percent. These American Congresscritters are the best money can buy. Instead they go hire script kiddies and money mules. People like these g
    • The foreign crooks are doing exactly what our local crooks did, just further back on the timeline. First they got a lot of money from prohibition, then they broke into the big time money of politics. The key point is you can't take short cuts on the road to evil wealth and power, you've got to achieve all the sub-quests along the way before you get to fight the final boss. You don't get to bribe the federal gov without large bags of money and knowing the right people to pay off.
  • For when you really need to dress something up as dangerous, the type of thing that would star a team of, perhaps, eleven big-name actors and a casino.
  • and my daughters use her computer. I have little doubt it has been hacked as I've had to re-image it several times. I can not convince my wife to use a live CD for online banking. I guess it will take us getting wiped out to drive home this point. There is an inflection point between prudence and convenience. Women are especially non prudent (I want to access my bank when I need it, I am not going to reboot) This is a larger problem of identity that needs solving. It is big bucks now. We need a secure solut
    • by tlhIngan (30335)

      and my daughters use her computer. I have little doubt it has been hacked as I've had to re-image it several times. I can not convince my wife to use a live CD for online banking. I guess it will take us getting wiped out to drive home this point. There is an inflection point between prudence and convenience. Women are especially non prudent (I want to access my bank when I need it, I am not going to reboot) This is a larger problem of identity that needs solving. It is big bucks now. We need a secure solut

  • We're all nerds here (Score:5, Informative)

    by ctime (755868) on Friday December 02, 2011 @03:49AM (#38235260)
    I can hear the booo and hisses already, but this is a large reason why I fucking hate Windows. Let's be real here, everyone getting hacked by these knuckleheads are idiots themselves (to a degree) AND running windows. But what about this: I just imaged and updated my Windows 7 64 system, only use Firefox, and have Microsoft AV (free) enabled. I was minding my own business surfing the web in what I thought was a fairly secure setup, some random popup or link injected code through what I believe was a flash vulnerability (again the box was only a month old) and installed some fucked up rootkit that MS AV actually found the next day. WTF? 0-day exploits CRUSH windows, despite the UAV etc, somehow this shit still gets through. Yes, I could have done probably xyz things to protect myself, which I would believe if I were running XP, but this is a 1Mo old version of 7, automatic updates, and I only use firefox. FML.

    Web browsers should run in a VM session that is incompatible with the host operating system on a binary level. This kind of aforementioned horseshit rarely if ever happens to everyday average normal guys just browsing the web on their Macs or Ubuntu boxes. Also, fuck it, I'm only browsing the web on a Linux image from now on on this Windows box (and just for reference the box is only used for gaming, occasionally slashdot raging)
    • Re: (Score:3, Informative)

      by ledow (319597)

      "Web browsers should run in a VM session"

      Or just have proper isolation and not ***execute*** random code at all.

      The problem with Windows is not necessarily programmers, it's the design and the expectations of its users. For some reason, if your email client doesn't automatically execute and display that Powerpoint presentation without warnings, people get annoyed. If the Flash/Java sections of a website aren't seamlessly executed as they load people think things are broken. If the executable they downloa

    • by Spodi (2259976)

      I can hear the booo and hisses already, but this is a large reason why I fucking hate Windows. Let's be real here, everyone getting hacked by these knuckleheads are idiots themselves (to a degree) AND running windows.

      Mmm, and it surely isn't because Windows is popular, easy, and familiar, making it much more common among the technologically illiterate. The problem isn't so much the OS, it's the user.

    • by jader3rd (2222716)
      Were you running as admin?
    • by tlhIngan (30335)

      I can hear the booo and hisses already, but this is a large reason why I fucking hate Windows. Let's be real here, everyone getting hacked by these knuckleheads are idiots themselves (to a degree) AND running windows. But what about this: I just imaged and updated my Windows 7 64 system, only use Firefox, and have Microsoft AV (free) enabled. I was minding my own business surfing the web in what I thought was a fairly secure setup, some random popup or link injected code through what I believe was a flash v

  • This is a nasty infection and can cause significant damage. From what I have read, Zeus can attack both users who are local admins and those that are non-admins. The difference is that the attack of non-admins is only for that user, where if the user is a local admin, every user is infected! To reduce the attack surface and reduce the overall effectiveness of Zeus, you should make all users non-admins! Software to help with that is PowerBroker Windows Desktops (www.beyondtrust.com), which runs on Windows XP
