What is Crimeware?
Imagine if, for only $3000, you could buy the role of a crime lord whose millions of minions obediently and constantly funnel money to you. Now imagine that anyone can. Finally, understand this is not fantasy, and you might become very scared. Learn more about crimeware, and how to protect yourself...
Zeus, Botnets and Crimeware
The Zeus botnet is a worldwide network of computers over which hackers have established control, often without the owners' knowledge. These robot or "zombie" computers are controlled by a Trojan horse program they picked up by opening an infected email attachment or visiting a phishing Web site.
The Zeus Trojan is a versatile devil. It's a keylogger that records logon credentials as you type them. It alters your bank's Web page HTML to facilitate identity theft. It redirects your browser to a lookalike Web site where you can be fooled into giving up more critical information. It searches your hard drive for bank account and other financial data it can upload to its masters, and much more. For an exhaustive report on Zeus, its components, and its nefarious capabilities, visit SecureWorks.
In October 2010, the FBI announced that it had arrested more than 90 Americans in "one of the largest cyber criminal cases we have ever investigated". The arrestees were "money mules" who received stolen funds in their bank accounts and forwarded them to their criminal masters in exchange for a commission. The mules received the money - over $70 million total - through fraudulent transfers enabled by the Zeus botnet. The thieves originally targeted $220 million, says the FBI.
Now it gets really scary. The criminal creators of the Zeus botnet are now selling a bundle of software called "Zeus crimeware" which enables just about anyone to be a cybercrime kingpin. Zeus crimeware is as user-friendly as any legitimate commercial program. Wizards guide you step-by-step through the process of configuring which keystrokes to capture under what circumstances; where to transmit the stolen logon credentials; and the creation of a seemingly innocent and alluring "free download" to turn loose on unsuspecting victims. Plus, you too can use the existing Zeus botnet to start robbing strangers. You might possibly also get arrested by federal agents and thrown into prison with some Russian guys. But you know, life is filled with risks and rewards.
Are You an Ignorant Zombie?
You may have no interest in running a global criminal cyber-enterprise. But you COULD be an unwitting participant. Nearly 4 million PCs in the U.S. alone are part of the Zeus botnet, with estimates of worldwide infections running much higher. Using Zeus, cybercriminals have pulled off some spectacular crimes.
A good anti-virus program should protect you, but if you want to double-check whether your computer is infected with the Zeus Trojan, start by looking for these file paths and files on your system.
If you are logged on with Administrator privileges:
- %systemroot%\system32\sdra64.exe (malware)
- %systemroot%\system32\lowsec\user.ds (encrypted stolen data file)
If you are not logged on with Administrator privileges:
Note that Zeus files are "hidden" by default, so you will have to set Windows Search to show hidden files or you will detect nothing.
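The check described above can be scripted so that hidden files are not missed. This is an added example, not part of the original article; it covers only the two paths listed for the Administrator case, assumes Windows PowerShell 4.0 or later, and the names Test-ZeusIndicator and $indicators are hypothetical.

```powershell
# Added example: look for the two Zeus file paths the article lists for an
# Administrator logon. Function and variable names here are hypothetical.
$indicators = @(
    @{ Path = Join-Path $env:SystemRoot 'system32\sdra64.exe';     Role = 'malware' },
    @{ Path = Join-Path $env:SystemRoot 'system32\lowsec\user.ds'; Role = 'encrypted stolen data file' }
)

function Test-ZeusIndicator {
    param([Parameter(Mandatory = $true)] [hashtable[]] $Indicator)

    foreach ($entry in $Indicator) {
        $row = [ordered]@{
            Path = $entry.Path; Role = $entry.Role; Status = 'not found'
            Attributes = $null; LastWriteTime = $null; SHA256 = $null
        }
        try {
            # -Force is required: without it Get-Item does not return items
            # carrying the Hidden attribute, which these files have by default.
            $item = Get-Item -LiteralPath $entry.Path -Force -ErrorAction Stop
            $row.Status        = 'FOUND'
            $row.Attributes    = $item.Attributes
            $row.LastWriteTime = $item.LastWriteTime
            try {
                # The hash lets you identify the file to an anti-malware vendor.
                $row.SHA256 = (Get-FileHash -LiteralPath $item.FullName -Algorithm SHA256 -ErrorAction Stop).Hash
            } catch {
                $row.SHA256 = 'unreadable (file locked or access denied)'
            }
        } catch [System.Management.Automation.ItemNotFoundException] {
            # Path does not exist: keep Status = 'not found'.
        } catch {
            # Any other error (for example access denied) is not a clean result.
            $row.Status = "could not check: $($_.Exception.Message)"
        }
        [pscustomobject]$row
    }
}

$results = @(Test-ZeusIndicator -Indicator $indicators)
$results | Format-List
if ($results | Where-Object { $_.Status -eq 'FOUND' }) {
    Write-Warning 'At least one Zeus file path is present on this system.'
}
```

A "could not check" status means the path could not be examined, not that the system is clean; rerun the script from an elevated prompt.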
Protecting yourself from a Zeus infection requires extreme caution. Experts recommend logging on to online banking and other password protected accounts using an "isolated" computer that is not used for general Internet work (email and Web browsing). But that's not very practical for most consumers and small businesses.
Alternatively, you might consider a different operating system. Zeus is most often found on Windows XP systems. An optional Zeus crimeware kit makes the Zeus Trojan compatible with Vista and Windows 7; not every crook spends the money for this option, so these OSes are safer than XP. But to escape Zeus altogether you would have to switch to a non-Windows operating system, i.e., Mac OS or Linux.
At the very least, keep your anti-malware software up to date and constantly activated. Avoid clicking on email attachments from unknown senders. Enable the anti-phishing features of your Web browser and if it says, "don't go there," don't go there.
Have you been a victim of crimeware? Post your comment or question below...
This article was posted by Bob Rankin on 17 Dec 2010
Copyright © 2005 - Bob Rankin - All Rights Reserved