New Zeus malware grabs victims' money via Facebook, GMail

A new strain of the Zeus banking-oriented malware is now targeting users via their accounts on social network Facebook and free email Gmail, a security firm warned.

 

BitDefender said the new scam asks victims to link their credit card information with their Facebook or Google accounts to turn them into digital wallets.

 

"The attack is extremely convincing as the browser shows the URL of the real login service. It also offers a good explanation as to why the user is asked to enter credit-card info: Facebook users are told they can directly buy Facebook credits after they link the credit-card to the account, while Gmail users are told they can use Gmail as a 'digital wallet' and pay by simply entering their e-mail address," it said.

 

When a user tries to get to Facebook or Gmail from an infected PC, they see the genuine service login page.

 

However, the new Zeus strain goes to work in the background, injecting its code in the login form to request credit card information.

 

Also, the malware can manipulate the way the bank reports account balances so victims are unaware that money has been moved out of the account.

 

“Pages include the branding and messaging typical to each of the industries the cybercriminals are targeting. They are even personalized with the victim’s name,” BitDefender quoted Andreas Baumhof, the CTO of ThreatMetrix, a company specialized in fraud prevention, as saying.

 

Baumhof said industries "must realize how sophisticated today’s cybercriminals are and take proper steps to prevent these attacks.” — TJD, GMA News