Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

How the $3 Million Zeus Scan May Have Taken Place

Imperva : 04 October, 2010  (Technical Article)
Imperva's Noa Bar-Yosef provides his view of the Zeus hacking scan, providing some insight into how it may have happened
'These criminals operated Zeus in one of two ways: either the bots used were under their own control, or, and more likely the case, they rented a bot from a bot 'farmer'. The bot farmer grows and manages the bot, and the criminals then rented and used it.

The hacking rings we see today take on a more organized approach, similar to a drug cartel or a cyber-mafia. There is a hierarchy with employees that have a distinct role in the scheme -- the researcher looks for different ways to infect machines, the Botnet farmer operates the bots, the Botnet dealer rents the bots, and the actual 'consumer' monetizes on the virtual goods received by the bot.

In this scheme, these bots did more than just harvest user credentials -- they injected code into the user's browser so that the user thinks they have a legitimate connection with their bank. In fact, the user was actually engaging with the Trojan.

Banks need to step up their security measures -- instead of being reactionary after the fact, try to be proactive by guessing the next steps of the hackers. The banks can use the uncovering of this Zeus exploit to learn more about how these gangs work. They can see how the attack code was adapted over time and analyze the modification of methods, which can help them anticipate the next move hackers are likely going to make.'
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo