New Zeus Banking Trojan Spoofs Verified by Visa and MasterCard SecureCode
Zeus is a prolific trojan designed to let cyber criminals break into corporate online banking accounts and transfer large amounts of money out of company bank accounts.
A new version of the Zeus trojan has been detected that tries to steal Verified by Visa and MasterCard SecureCode passwords, allowing criminals to use corporate payment credit cards.

When users log into their online banking websites from infected computers, the new Zeus trojan displays a screen telling them that they need to enroll their corporate credit card in the Verified by Visa security scheme. In reality, the criminals are stealing your data and can then use it to make illegal online purchases with your corporate credit card.
July 30th, 2010 at 12:08 pm
If this malware works by stealing passwords or one-time passwords, it seems like a client-side certificate would prevent this kind of account hijacking. And the IronKey contains a client-side cert and the protected private key, correct? But as far as I know, I could not use the client-side cert in an IronKey for online banking authentication because, by default, SSL does not automatically ask for a client certificate. Dave, do you know if it’s possible to have client-side SSL “turned on” for those banking customers who desire it, without screwing things up for those who don’t have the certs?
July 30th, 2010 at 7:09 pm
TK
If a bank turns on client-authentication on their web systems, they can certainly use IronKeys to strongly authenticate their users. One issue is that some browsers, if the website requests a certificate, will pop up a dialog box asking the user which certificate to choose. This could cause confusion to casual users who are not security savvy. We are working on some ways to fix this issue with our Trusted Access online banking security product.
- Dave
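The opt-in arrangement discussed in the comments above, sketched as an added example (not code from the post, IronKey, or any bank): the server requests a client certificate without requiring one, and only accounts that enrolled are refused when the certificate is missing. The account names, the `CERT_REQUIRED_ACCOUNTS` set and the rule that the certificate's common name equals the account name are assumptions made for illustration.

```python
import ssl

def make_server_context(ca_file=None):
    """TLS server context that requests, but does not require, a client cert."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    # CERT_OPTIONAL: the handshake succeeds with no client certificate, but a
    # certificate that is presented must chain to a trusted CA or it fails.
    ctx.verify_mode = ssl.CERT_OPTIONAL
    if ca_file:  # CA that issued the customers' certificates (path is an assumption)
        ctx.load_verify_locations(cafile=ca_file)
    return ctx

def cert_common_name(peer_cert):
    """Return the CN from the dict SSLSocket.getpeercert() gives, or None."""
    if not peer_cert:  # None when the client sent no certificate
        return None
    for rdn in peer_cert.get("subject", ()):
        for key, value in rdn:
            if key == "commonName":
                return value
    return None

# Constructed sample data: accounts that opted in to certificate login.
CERT_REQUIRED_ACCOUNTS = {"acme-treasury"}

def authorize(account, password_ok, peer_cert):
    """Decide login after the password check and the TLS handshake."""
    cn = cert_common_name(peer_cert)
    if account in CERT_REQUIRED_ACCOUNTS:
        # A stolen password alone is never enough for an enrolled account:
        # the verified certificate must also be bound to this account.
        return bool(password_ok) and cn == account
    # Customers without certificates keep the password-only path.
    return bool(password_ok)

if __name__ == "__main__":
    alice_cert = {"subject": ((("commonName", "acme-treasury"),),)}  # constructed
    print(authorize("acme-treasury", True, None))        # password only
    print(authorize("acme-treasury", True, alice_cert))  # password + cert
    print(authorize("small-shop", True, None))           # not enrolled
```

Because the server requests a certificate on every connection, this is the configuration in which some browsers show the certificate-selection dialog mentioned in the reply.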