Is mobile the next target of Zeus?

CIOL Bureau

BANGALORE, INDIA: Zeus, the world's most sophisticated malware, is striking businesses and financial institutions throughout the world, and it's suspected to be the malware behind recent attacks on mobile devices.

The malware is targeting consumers and businesses throughout the world. Now Zeus, or Zeus-like malware, is hitting mobile devices - an attack often referred to as "man-in-the-mobile." Recent arrests for related crimes - those in the United Kingdom and those in the United States - prove Zeus is a global problem.

In an interview with CIOL, Carl Leonard, senior manager, Websense Security Labs, talks about the implications of a Zeus attack and the vulnerabilities in mobile platforms that make them a favorite target.

Q: What is the impact of the Zeus malware worldwide so far?

Carl Leonard: Zeus malware is a great example of a blended threat that covers all possible attack angles. Zeus itself is a malware kit that is sold in the underground. The capabilities introduced by the kit, including ease of use and configuration, advanced capabilities to steal users’ information, target different brands along with evading antivirus detection, made the kit extremely popular.

Zeus isn’t affiliated with one specific group that continuously attacks but is sold to whoever wants to buy it, therefore it can serve a number of changing individuals and groups. Since it’s very popular, it’s used as a payload for web and email attacks, or any other attack vector that has the main aim of stealing data. The kit has been used numerously for years now, and is believed to have infected hundreds of thousands of computers to date.

Q: Is mobile the new target of Zeus?

Carl Leonard: The increasing popularity of mobile platforms is a target for the Zeus kit and mobile operating systems have been found to be targeted with Zeus. We expect that going forward, the malware will offer more complex features as it’s taking on mobile platforms and that it will be supported on an increasing number of mobile-based operating systems.

Q: Why are emerging banking channels, such as the mobile channel, vulnerable?

Carl Leonard: These are the years where mobility starts to emerge to its full potential. This is just the starting point and it will increase as we advance through the years. It’s a fact that the emerging technologies, especially the ones offered with new platforms, are known to have weaker security. That’s because they are new and their weaknesses haven’t been realized to their full potential. This is where security research comes into play, where security-based weaknesses are found. Most critical weaknesses are found in the first years of an emerging technology and this will be the case with mobile platforms too, as they are wide in variety and also popular.

One example would be the JailbreakMe Website that was set up shortly after the launch of the iPhone 4. The site employed an exploit targeting the Safari browser on the platform. A user just had to access the Website through the iPhone and that action alone would result in “Jailbreaking” the phone, i.e. effectively opening it for running any code or application on the device. This code can potentially be malicious code too. In addition, today, numerous banks and financial organizations rely on the mobile device to authenticate their users. Once the malware starts putting those mechanisms under attack, it could subvert those communication channels to fulfill its needs.

Q: How do global agencies and financial institutions work together to combat Zeus attacks?

Carl Leonard: The fight against Zeus is on a daily basis. Since every variant may target different brands and also comes with the ability to evade antivirus detection, the battle continues. Along with protecting their internal networks and mobile users with on-premise defenses such as endpoint protection, Web and Email filtering accompanied with SaaS, a lot of the bigger financial institutions have dedicated computer emergency response teams (CERT) that constantly monitor and investigate the business environment for threats and eradicate them when needed. It is the reality today that different organizations are under the threat of being targeted for their data and money.

Q: What are the measures that businesses and financial institutions should take to prevent a Zeus attack?

Carl Leonard: The measures would be in accommodating the likely targeted end points and entry points of Zeus coming into the organization with advanced security software. This has to be accompanied with issuing strong corporate policies to audit, maintain, adapt and improve IT security levels. The main attack vectors of Zeus at the moment are through the Web and email as it’s massively used in those. But, Zeus can also be utilized, if wanted, with attacks via portable storage like hand-drives or USB sticks.

It’s important to note that a lot of the time the Zeus kit doesn’t necessarily rely on exploits to run itself on the targeted systems, but also relies on social engineering, i.e. on the end user to take part in the attack and manually launch it. So in that respect, and particularly in today’s environment, where targeted attacks are trendy, it’s important to raise and increase the awareness of the end user of such attacks, and thereafter to enforce policies of corporate awareness with regards to cyber threats alongside arming the organization’s likely entry points with strong security solutions.
