Zeus

Notorious Shylock banking malware taken out by law enforcement

Law enforcement action led by the National Crime Agency (NCA) in the UK has knocked out the infrastructure of a banking malware known as Shylock, so called because of excerpts from Shakespeare's Merchant of Venice hidden in its code.

Here's how to check to make sure you weren't among the more than 30,000 PCs that were infected.

SSCC 156 - Warbiking in Manhattan, hubris for Google, and how less can be more [PODCAST]

Sophos experts Chester Wisniewski and Paul Ducklin are back with this week's security podcast, turning plain old news into advice you can use.

"Gameover" malware revival - is it really up from the canvas?

Is the recent re-appearance of the Gameover malware a flash in the pan, or part of a concerted effort at reviving the threat?

What do we need to do to knock it out altogether?

"Gameover" malware returns from the dead...

In early June 2014, an internationally co-ordinated law enforcement effort against the criminals behind the infamous Gameover malware pretty much wiped out their botnet altogether.

Bad news - it looks as though Gameover is back...

SSCC 150 - TrueCrypt, Gameover, CryptoLocker and whither mobile malware? [PODCAST]

This week, Chet and Duck dig into the bafflement of the disappearing TrueCrypt encryption software: did it jump, or was it pushed?

They also look at the takedown of Gameover and CryptoLocker, and look into what we can learn from ten years of mobile malware.

Has CryptoLocker been cracked? Is Gameover over?

Gameover is one of the most notorious botnets of recent times. And CryptoLocker is the Big Daddy of the ransomware scene.

But a team of global law enforcement agencies has taken them on...and YOU can help them win!

Monday review - the hot 21 stories of the week

It's weekly roundup time!

Here's all the great stuff we've written in the past seven days.

SSCC 143 - Heartbleed revisited, cybercrooks busted, failed malware cleanup censured by FTC [PODCAST]

From the latest Heartbleed revelations to various successes by law enforcement, Sophos experts Chester Wisniewski and Paul Ducklin take you through the big computer security stories of the week.

Be entertained as you learn from the news, all in our regular quarter-hour podcast format.

Zeus malware - nine charged with conspiracy to steal millions of dollars

US charges 9 with stealing millions of dollars with Zeus malware

The US Department of Justice (DOJ) has charged nine individuals over their alleged involvement in a criminal organisation that stole millions of dollars from victims' bank accounts.

Smucker's online store gets stuck in thieves' web

The US jam and jelly maker is just the latest fly to get stuck in the same web that ensnared dozens of companies last year, including some of the world's largest data brokers and at least one credit card processor.

SSCC 137 - Apple, rootkits, hacking and data breach laws [PODCAST]

What about support for OS X Lion and Mountain Lion? Can a rootkit be a blessing in disguise? Will federal US data breach laws make things better or worse?

Chester and Duck once again aim their entertaining expertise at the security news of the week...

Notorious "Gameover" malware gets itself a kernel-mode rootkit...

The Gameover botnet gang has been trying new techniques lately: most recently comes the introduction of a kernel-mode rootkit called Necurs, making the malware harder to find and remove.

Senior Researcher James Wyke of SophosLabs investigates...

Spam from an anti-virus company claiming to be a security patch? It's Zbot/Zeus malware...

A spam campaign that seems to originate from a whole raft of different security and anti-virus companies...

...is actually an effort to trick you into installing a new variant of Zbot/Zeus onto your computer.

Alleged "SpyEye" mastermind extradited to US

The FBI suspects that 24-year-old Hamza Bendelladj, an Algerian national, developed, marketed, distributed and controlled the notorious botnet toolkit, used to steal millions of dollars from online bank accounts.

Point of sale devices and Canadian banks targeted by Citadel malware variant

A new variant of the prevalent Citadel crimeware kit has been discovered to target Point of Sale (POS) devices. Find out more, in this analysis from SophosLabs expert James Wyke.

Polish CERT acts against Virut malware with domain takedowns

CERT Polska has announced takedown action against web properties associated with a huge botnet known as Virut.

Paul Ducklin takes a look at takedowns, and why they are important even if their effectiveness is often short-lived...

The Citadel crimeware kit - under the microscope

Ever since the source code of Zeus/Zbot leaked in May 2011, many new variants have appeared.

One particularly prevalent example is Citadel.

James Wyke of SophosLabs puts it under the microscope....

Fake Apple invoices lead to Blackhole exploit kit that drains your bank account

Fake Apple invoices lead to Black Hole that drains your bank account

A new round of spams proclaims you have been charged for a large purchase from Apple.

All links lead to webpages infected with the Blackhole exploit kit. Be cautious with your online shopping this holiday season.

UK’s top ecrime investigator describes a life fighting cybercrime

UK’s top cyber investigator sees smaller payloads, bigger paydays for cyber crooks

UK Cybercrime investigator and Sophos consultant Bob Burls has been on the inside of some of the biggest law enforcement takedowns of the last decade.

Bank's shoddy security was to blame for $588,851 online robbery, US appeals court rules

US appeals court holds bank liable for online security breach

A Maine construction company that saw its online bank account fraudulently drained of almost $600,000 might get some of it back due to what a US federal court has deemed shoddy security systems at its bank.