How to 'defend' Zeus trojan

According to BitDefender's global data security analysis department, nearly 80 people have been arrested in the US and UK due to the use of stealing Zeus Trojans from more than 9 million dollars from banks in the past three months.

With this successful retrieval, BitDefender has given official advice to banks to avoid serious losses from trojans that steal this dangerous money.

How to 'defend' Zeus trojan Picture 1

A thorough diagnosis of the computer will help your PC to be "healthy" before the virus

The captured men were accused of using Zeus trojan features to hack into customer accounts, stealing money by transferring it to other accounts created by accomplices, eventually sending it to mastermind through Western Union.

However, careless criminals have left traces from which experts can follow. BitDefender found command servers and controlled the use of criminals.

According to experts BitDefender revealed, once investigators track command servers and control, they can track transactions to the server and find traces of criminals and hidden conspirators. really behind the incident.

These aggressive attacks show that banks need to take careful and strong measures to protect customers' safety. BitDefender experts have instructed how to fight trojans specializing in stealing bank accounts, especially Trojan Zeus:

1. Strictly control customers changing their e-mails and phone numbers in bank records. Allowing to change information online too easily will enable attackers to send and receive information from banks more simply and conveniently.

Recommendation: only allow these changes by going directly to bank branches.

2. Send a notice of any changes in the bank account.

Recommendation: If any account information is changed, the notice must be sent to both the email address and the SMS message, so that the customer can promptly respond to any unauthorized changes.

3. Notify when there is a new update on the list of people who can receive a transfer from the customer's account. If an attacker controls an account, he can steal money through online banking easily. As recommended, notify via e-mail and SMS to customers when the transfer receipt list is updated.

4. Allow time for customers to read and respond to the notice. If a customer is unable to read e-mail or SMS within a certain period of time, attackers can transfer money to new beneficiaries under their control before the account holder is legally have the opportunity to detect frauds.

Recommendation: Do not transfer money to new beneficiaries within seven days after they have been identified.

How to 'defend' Zeus trojan Picture 2

During the investigation, BitDefender also found that: LinkedIn users can also be attacked by deadly Zeus spam. The LinkedIn website is undergoing a massive spam campaign designed to infect UK and US businesses with data theft by Zeus / Zbot. After appearing on September 27, LinkedIn-related spam accounted for a quarter of all spam detected by BitDefender in the first 15 minutes.

Users are required to review contact requests from a virtual user, by clicking on a link like normal LinkedIn. The victim is redirected to a new page and is asked to wait for the connection. At that moment, the Zeus trojan will try to jump into the target computers.

LinkedIn has been used for spam campaigns in the past, but relatively few compared to rivals such as Facebook and Twitter.

"Attacking social network users to distribute malware is a smart act of criminals. Therefore, social network users need to be more cautious than ever!" - BitDefender commented on the latest attack.