No, we’re not talking about the Olympian Lightning-striking God. This is far more terrifying.
Gameover Zeus is one of the big four Banking Trojans that has been plaguing banker’s nightmares for years, the other three being Carberp, Citadel and SpyEye. In case you are unfamiliar with Trojans, it is a malware program containing malicious code that much like the myth of the Trojan horse, opens a backdoor of sorts into the infected device that allows unauthorised access, resulting in loss or theft of data.
According to Kaspersky, Zeus appears to be the guideline for all banking Trojans, with malwares imitating bits and pieces from this notorious Trojan. Threatpost.com, the Kaspersky Lab Security News Service, has 26 pages worth of news related to Zeus, the most recent from barely a month ago, and the oldest from September 2009.
What is Zeus?
Zeus is a crimeware kit that steals credentials from various online services (mainly banks) in order to obtain private information from the users. Zeus made it’s first appearance in 2006 and has since been a thorn in the side of banks and corporations. Now, it has found it’s way into Malaysia.
According to MyCERT, Malaysia Computer Emergency Response Team, the malware infects the victim’s computers/smartphones and proceeds to imitate banking websites. The victim then inserts their personal details into the fake website (phishing) which will request the victim’s smartphone operating system and mobile number.
With the number given to them, the Trojan will send an SMS link containing the Zitmo malware to the smartphone, after which the attacker will be able to interfere with the TAN code that banks will send to the victim’s phone for online transactions. The attacker will then login to the victim’s banking account using the stolen information and withdraws money online from the victim’s bank by authenticating the transaction through the intercepted TAC number.
iPhone users will be relieved to find that the malware only affects smartphones running on Android and unpatched Windows Operating Systems. So maybe that bendable iPhone 6 shouldn’t be completely disregarded (yet).
It’s in Malaysia?
Yes, it’s in Malaysia. In a media conference in Kuala Lumpur, Federal Commercial crimes department deputy director Datuk Hamza Taib said that about RM60,000 were lost this month alone. One victim lost about RM10,000 from the phishing scam. According to Raimund Genes, Trend Micro chief technology officer, the number of online banking malware infection in Malaysia accounted for 26% of total infections in Southeast Asia. In its Q2, 2014 findings, Trend Micro listed Malaysia as among the top 10 countries most affected by online banking malware.
What Do We Do?
Panic. Just kidding. Don’t do that.
Install anti-virus, anti-spyware and firewall software on your computer and PC and make sure to keep the softwares up-to-date! These protections are of no use to you if it’s not kept updated. Use a personal computer or laptop to do online banking. Don’t use public Wi-Fi network for bank transactions! This should be a given for online users, but it never fails to surprise me how many people pay for their bills and buy things while sitting in a Starbucks chair with the computer facing everybody. I have a 20/20 vision. I can see your credit card number from my seat over here.
For Smartphone users, verify an app’s permission before installing something (I know most of us just accept the permissions blindly). Did you know there are free anti-virus softwares available for your smartphones as well? Find one that best suits your needs and keep it updated on your phone. Speaking of which, it is important to update your operating system as well to avoid security holes in outdated versions.
Be careful with your personal information, readers. Remember, banks will never request for login details via email. Shop safely everyone.