August 31
An adaptation of the Zeus malware kit is targeting job seekers and turning them into mules.
The Trojan horse sits dormant on an infected computer until it's triggered by a person visiting CareerBuilder.com, says George Tubin, a senior security strategist at Trusteer. Using HTML injection, this Zeus adaptation redirects a job seeker to a phony recruitment website that looks legitimate.
"Criminals would create a job opening from a company looking for 'financial managers,'" Etay Maor, senior product marketing manager at Trusteer,
Applicants are then duped into funneling cash from a victim's bank account to the cybercriminals behind the devious tactic.
"Malware authors ... recognize that job seekers who actively access employment websites have a high potential to be successfully recruited and serve as money mules," Maor wrote in his blog.
The scheme is a natural extension of what Zeus was already good for: collecting sensitive personal information and one-time-password data, says Robert E. Lee, an Intuit business analyst.
"If you control what the user sees on their screen, it makes social engineering so much simpler," he said. "They use it to trick users into running malware on their phone, why not help them get a job in the exciting world of forex trading, too?"
In the past, crews of criminals that use Zeus to ply their craft hired handlers to recruit mules for money movement, Ken Baylor, a research vice president at the information security research and advisory company NSS Labs, said by email. For instance, stolen money would be cashed out by mules who would then send the funds to handlers, who would pass the money along to the original criminal crews, minus a 45-55% handling fee, of course.
"Mule handlers are being squeezed out of the market," Baylor said in the email. "To lower costs, [hackers] are researching new ways to attract and retain mules."
Trusteer has stumbled upon one such method: going after job seekers, he said.