By John E Dunn
14 July 10
The Zeus/Zbot banking Trojan is reported to be attacking the Verified by
Visa and MasterCard SecureCode verification systems introduced in recent
years to stop old-style card not present (CNP) fraud.
Security company Trusteer, which has carved out a speciality in
reporting on Zeus/Zbot bank Trojan activity, does not say where and how
it encountered the latest attack, but reports that it is aimed at
customers of 15 unnamed US banks.
Exploiting a man-in-the-middle browser attack when it encounters a
desired bank login on an infected PC, the malware intercepts and spoofs
the enrollment process through which credit card users are signed up for
the first time by both major issuers, MasterCard and Visa, presenting
users with a convincing screen.
This captures a range of sensitive information that could be used to
carry out CNP fraud, including social security and card numbers, and PIN
or card verification codes. This data is sent in real time to a server
run by the attackers.