
Can Zeus wreak havoc on mobile devices?

CIOL Bureau

BANGALORE, INDIA: The most sophisticated malware, Zeus, caused havoc in security circles during 2010 by striking businesses and financial institutions throughout the world. The same malware is also said to be behind widespread attacks on mobile devices.


The malware has been seen targeting consumers and businesses throughout the world. Now Zeus, or Zeus-like malware, is hitting mobile devices, an attack often referred to as "man-in-the-mobile." Recent arrests for related crimes, in both the United Kingdom and the United States, prove Zeus is a global problem.

In an interview with CIOL, Carl Leonard, senior manager, Websense Security Labs, talks about the implications of a Zeus attack and the vulnerabilities in mobile platforms that make them a favorite target.

Q: What is the impact of the Zeus malware worldwide so far?


Carl Leonard: Zeus malware is a great example of a blended threat that covers all possible attack angles. Zeus itself is a malware kit that is sold in the underground. The capabilities introduced by the kit, including ease of use and configuration, advanced capabilities to steal users’ information and target different brands, along with evading antivirus detection, made the kit extremely popular.

Zeus isn’t affiliated with one specific group that continuously attacks but is sold to whoever wants to buy it; therefore it can serve a number of changing individuals and groups. Since it’s very popular, it’s used as a payload for web and email attacks, or any other attack vector that has the main aim of stealing data. The kit has been used numerous times for years now, and is believed to have infected hundreds of thousands of computers to date.


Q: Is mobile the new target of Zeus?

Carl Leonard: The increasing popularity of mobile platforms is a target for the Zeus kit, and mobile operating systems have been found to be targeted with Zeus. We expect that going forward, the malware will offer more complex features as it’s taking on mobile platforms and that it will be supported on an increasing number of mobile-based operating systems.

Q: Why are emerging banking channels, such as the mobile channel, vulnerable?


Carl Leonard: These are the years where mobility starts to emerge to its full potential. This is just the starting point and it will increase as we advance through the years. It’s a fact that the emerging technologies, especially the ones offered with new platforms, are known to have weaker security. That’s because they are new and their weaknesses haven’t been realized to their full potential. This is where security research comes into play, where security-based weaknesses are found. Most critical weaknesses are found in the first years of an emerging technology and this will be the case with mobile platforms too, as they are wide in variety and also popular.

One example would be the JailbreakMe Website that was set up shortly after the launch of the iPhone 4. The site employed an exploit targeting the Safari browser on the platform. A user just had to access the Website through the iPhone and that action alone would result in “Jailbreaking” the phone, i.e. effectively opening it for running any code or application on the device. This code can potentially be malicious code too. In addition, today, numerous banks and financial organizations rely on the mobile device to authenticate their users. Once the malware starts putting those mechanisms under attack, it could subvert those communication channels to fulfill its needs.

Q: How do global agencies and financial institutions work together to combat Zeus attacks?

Carl Leonard: The fight against Zeus is on a daily basis. Since every variant may target different brands and also comes with the ability to evade antivirus detection, the battle continues. Along with protecting their internal networks and mobile users with on-premise defenses such as endpoint protection, Web and Email filtering accompanied with SaaS, a lot of the bigger financial institutions have dedicated computer emergency response teams (CERT) that constantly monitor and investigate the business environment for threats and eradicate them when needed. It is the reality today that different organizations are under the threat of being targeted for their data and money.

(Note: This interview has been re-published from the original interview carried in CIOL in October, 2010)
