'Zeus Banking Trojan' Virus Hits Facebook - Facts Analysis

Story:

‘Zeus Banking Trojan’ virus hits Facebook, steals money and other details from your bank account.

Other Versions

There’s a Facebook virus going around that can empty your Bank account.

The virus is called Zeus. It’s a special type of Trojan horse that has already infected millions of computers. Zeus works by remaining dormant on your computer until you log into your bank account. Once you’re in it steals your password and drains your account.

Picture about 'Zeus Banking Trojan' Virus Hits Facebook — ‘Zeus Banking Trojan’ Virus Hits Facebook

Analysis:

The messages are warnings for Facebook users, that there’s a special type of Virus called ‘Zeus Banking Trojan‘ going around on Facebook to steal money and other details from the users’ bank accounts. It is also said that the virus has already infected millions of computers around the world and remains dormant until one logs into his bank account. Yes, this is a fact.

About Zeus

Zeus/Zbot is a Trojan horse that generally spreads through drive-by downloads and phishing schemes, and is meant to steal banking information from users’ computers. It was first identified in July 2007 when it was used to steal information from the United States Department of Transportation, and spread further in the following years – in newer forms. In June 2009, Prevx, a security company has discovered that this Zeus Trojan had compromised more than 74,000 FTP accounts on websites of popular companies like Bank of America, NASA, Cisco, Amazon, Monster.com, ABC, Oracle, Play.com and BusinessWeek. This Zeus virus generally targets Windows computers.

As mentioned in the messages, this nasty Trojan horse called Zeus/Zbot is reported to have infected millions of computers, mostly in the United States. Once this virus infects a computer, it remains dormant there until the victim logs into a bank site, and then it steals his passwords to drain his account. In few cases, this Zeus malware can even replace a bank’s website with its own page and grab more online credentials and personal information of the user like Social Security number to sell them in black market.

Zeus attack on Facebook

According to credible news reports, this ‘Zeus Banking Trojan’ has also hit Facebook platform and these incidents have peaked in May 2013, spreading through phishing schemes and links in fake Facebook profiles. On a popular NFL Facebook fan page, it was seen that fake Facebook profiles have posted links to Internet addresses controlled by the Russian Business Network, which is an online criminal gang accused of various cyber crimes including identity theft and child pornography. Facebook users are generally exposed to this malware through malicious links that show up in e-commerce ads with deals on consumer items like sunglasses, sneakers and sports apparel. Note that this virus spreads through phishing messages, so when someone has been phished, their Facebook account will automatically send the messages or links to a large number of their friends. These messages are again ads or links asking their friends to check out videos or products.

To learn more about how these Zeus/Zbot malware variants work and how to possibly handle the complicated virus, read the security intelligence report of Trend Micro in the reference section below. Mentioned below are few safety tips to avoid becoming victim of such malware attacks:

Be careful while opening email messages or clicking unknown links in Facebook.
It is better to bookmark trusted sites, and in case of unknown, shortened links, you can find the source of the link by using sites like urlxray.com.
Always keep your system up-to-date with the latest security releases from software vendors.
Install trusted anti-malware protection and latest anti-virus software that will provide real time protection and notify you about phishing/attacking sites.
Use the safe browsing option provided by browsers like Google Chrome and Mozilla Firefox (in versions 3 and later) to alert you about phishing and malware attacks.