Security Experts Caution NACHA Members on Zeus Trojan Attack

S

Zeus Trojan is back in the news again. Internet security firm Sophos has alerted users on a new scam, wherein Trojan targets members of National Automated Clearing House Association (NACHA), which handles the development, administration and governance of Automated Clearing House (ACH) network. Cybercriminals are allegedly sending cleverly crafted e-mails to the members of NACHA enticing them to download and install attachments containing Zeus malware. The e-mails inform customers regarding failure of a transaction sent by the customer, their bank or some other person. The spoofed e-mails appear to come from NACHA and contain a Transaction ID. The e-mails seek users to download a file containing Transaction report for ascertaining the reason for rejection. When unsuspecting users download the file, they inadvertently insert Zeus botnet node on their computer systems. Zeus Trojan is capable of extracting financial information stored on the compromised computer. The Trojan downloads configuration files from remote computer and explores browsing activity of the user to match with the URLs listed in the configuration files. When user opens a legitimate financial site and enters Login credentials, the Trojan extracts the same. In this case, Zeus apparently collects details of ACH Transactions. Last year, cybercriminals made use of Zeus Trojans to steal funds over 6 million GBP from customers of British banks. Attackers also targeted LinkedIn users with fake connection requests to download Bugat Trojan, a variant of Zeus.

Another variant of Zeus, Zitmo (Zeus In The Mobile) Trojan is targeting mobile devices to intercept and misuse high security passwords sent by banks. Banks across the world are using high security passwords to authenticate online bank transfers by customers. Earlier in the year, customers of ING Poland were deceived through Zitmo Trojan.

The ACH network facilitates electronic transfer, corporate payments and direct payment of funds to consumer accounts such as interest, dividends and pensions among others. Participants of ACH include corporates, individuals and financial institutions.

Internet users must avoid downloading suspicious files. They may cross-check transaction ID to confirm, whether the transaction referred in the e-mail is legitimate and pertains to them. In case of suspicion, they may directly contact their concerned bank or clearing house to confirm the authenticity of the e-mail. Genuine transaction failure communication from a legitimate organization is likely to be personalized and specific. online degree courses may help customers on “Do’s and Don’ts” in cyber security.

As cybercriminals may target employees of financial institutions and banks, organizations may educate employees on the latest threats, precautions in online communications and secure use of web browsers. Online university degree courses may help IT professionals in understanding and implementing new security mechanisms.

Professionals qualified in computer science degree and Information security may help in timely detection of threat vectors, mitigating measures and patch management. Organizations must regularly evaluate the security of the IT infrastructure to weed out vulnerabilities and remediate lapses. Organizations may restrict incoming connections through firewalls, encourage use of user level privileges, configuring e-mail servers to prevent downloading of files with risky extensions.

Contact Press
EC-Council
Website: http://www.eccuni.us
Email: [email protected]
Tel: 505-341-3228

EC-Council University is based in Albuquerque, New Mexico and offers Master of Security Science (MSS) degree to students from various backgrounds such as graduates, IT Professionals, and military students amongst several others. The MSS is offered as a 100% online degree program and allows EC-Council University to reach students from not only the United States, but from all around the world.

EC-Council is a member-based organization that certifies individuals in cybersecurity and e-commerce skills. It is the owner and developer of 16 security certifications, including Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (CHFI) and EC-Council Certified Security Analyst (ECSA)/License Penetration Tester (LPT). Its certificate programs are offered in over 60 countries around the world.

EC-Council has trained over 80,000 individuals and certified more than 30,000 members, through more than 450 training partners globally. These certifications are recognized worldwide and have received endorsements from various government agencies including the U.S. federal government via the Montgomery GI Bill, Department of Defense via DoD 8570.01-M, National Security Agency (NSA) and the Committee on National Security Systems (CNSS). EC-Council also operates the global series of Hacker Halted security conferences.

About the author

By eccuni