One in every 3,000 computers monitored by a global security specialist is infected with a new version of the Zeus password-stealing malware, said Trusteer, a New York-based company.
Trusteer also said the new version, known as Version 1.4 or Version 2 targets, targets Firefox browsers and uses advanced polymorphic techniques to thwart antivirus software.
The company's Flashlight remote fraud investigation and mitigation service already has linked the latest version of Zeus, also known as Zbot, with fraud against commercial and consumer bankers in North America and the United Kingdom.
Trusteer said Zeus is licensed by numerous criminal organizations to launch targeted attacks against a specific banks' customers and that the new version supports HTML injection and transaction tampering for Firefox, two techniques which are effectively used to bypass strong authentication and transaction signing solutions.
"We expect this new version of Zeus to significantly increase fraud losses, since nearly 30 percent of internet users bank online with Firefox and the infection rate for this piece of malware is growing faster than we have ever seen before," said Amit Klein, chief technology officer of Trusteer and head of the company's research organization.
He said the company recommends "a layered approach to malware blocking and making sure [financial organizations] have the proper detection, investigation, mitigation, and response tools in place."
--mrapport@cutimes.com
