What the Zeus Virus Looks Like

I thought I knew about all the phishing techniques, and they all sounded pretty avoidable. How in the hell had I never heard of this? It’s a beauty and it’s called a Zeus Virus.

Zeus is financial malware. It infects consumer PCs, waits for their users to log onto one of a list of targeted banks and financial institutions, and then steals their credentials and sends them to a remote server in real time. Additionally, it may inject HTML into the pages rendered by the browser, so that its own content is displayed together with (or instead of) the genuine pages from the bank’s web server. Thus, it is able to ask the user to divulge more personal information, such as payment card number and PIN, one-time passwords and TANs, etc.
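Because the injection described above happens in the page the browser renders, the address bar still shows the bank's own URL; what changes is the form. As an added example (not from the original post), this Python sketch compares the form fields the server sent with a snapshot of the rendered page and reports the extras. The field names, the sample HTML and the hint list are constructed assumptions.

```python
from html.parser import HTMLParser

# Crude substring hints for the kind of data the post lists (card number, PIN,
# one-time passwords, TANs). Assumed list for illustration; tune before real use.
SENSITIVE_HINTS = ("card", "pin", "cvv", "ssn", "otp", "tan", "mother")

class FieldCollector(HTMLParser):
    """Collect the name (or id) of every input/select/textarea in a page."""
    def __init__(self):
        super().__init__()
        self.fields = set()

    def handle_starttag(self, tag, attrs):
        if tag in ("input", "select", "textarea"):
            a = dict(attrs)
            name = a.get("name") or a.get("id")
            if name:
                self.fields.add(name.lower())

def form_fields(html):
    collector = FieldCollector()
    collector.feed(html)
    return collector.fields

def injected_fields(served_html, rendered_html):
    """Fields in the rendered DOM that the server never sent,
    as a sorted list of (name, looks_sensitive)."""
    extra = form_fields(rendered_html) - form_fields(served_html)
    return sorted((n, any(h in n for h in SENSITIVE_HINTS)) for n in extra)

# Constructed sample: the login page as the server sent it ...
SERVED = """<form action="/signon" method="post">
  <input type="text" name="userid"><input type="password" name="password">
</form>"""

# ... and a constructed DOM snapshot of the same URL after in-browser injection.
RENDERED = """<form action="/signon" method="post">
  <input type="text" name="userid"><input type="password" name="password">
  <input type="text" name="card_number"><input type="password" name="atm_pin">
  <input type="text" name="Mothers_Maiden_Name"><input type="text" id="dob">
</form>"""

if __name__ == "__main__":
    for name, sensitive in injected_fields(SERVED, RENDERED):
        print(f"unexpected field: {name}{'  <-- sensitive' if sensitive else ''}")
```

The same comparison works from the user's side without code: a login or "confirmation" form that suddenly asks for more than the site has ever asked for is the signal, whatever the URL says.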

Not only can most virus software not detect it, but you can be looking right at the effects of it and fail to see it yourself. Unless you know. Then it’s painfully obvious. I didn’t know. I had no idea that there existed a virus so devious that it could redirect you from a legit financial website to a bogus confirmation form. Of course I knew about fake phishing emails, and I receive them from time to time. Some are more well done than others, but in the end, you can figure them out easily. Usually right-clicking the link they want you to follow and selecting “Copy link location” will show you that the URL is not related to your website. Pretty simple.

Detecting the Zeus virus would have been easy as hell. If I had any idea such a scam existed. I went to Wellsfargo.com. Typed in my username and PW on the LEGIT site and was taken to a security confirmation form. I knew I had come from the legit site, so I wasn’t too worried. I was slightly annoyed, but I looked up and saw “https://online.wellsfargo.com”. It looked good. So I filled out the required info.
Shortly thereafter I had the same requests from eBay.com and Paypal.com. I thought it was legit, but did not fill it out as I thought it was way more information than they needed. I figured this was a new trend in online security. Then I went to USAA.com to check my car loan and insurance. I got that same form. Hell, this one was probably worse. Every number that pertains to my financial self was on there. But I figured, “hey, they already have it,” so I filled it in and clicked submit. The page just reset. I wondered what I did wrong and called USAA. Five minutes later, I was feeling like an idiot. My initial reaction was “Virus? No, no, you don’t understand. I came from a legit page.” But it all made sense. So I don’t know what type of fallout there will be from my parting with such information, but I’m taking all sorts of steps to protect myself.

Hopefully I can protect you too. Ignorance, and maybe arrogance, caused me to divulge my information. I can at least get rid of your ignorance. Though I have a feeling arrogance is another matter. You’re probably thinking right now, “How could you be so stupid?!” Arrogant bastard. Anyways, now that it seems my computer is owned by this Zeus crap, I have quite the opportunity to show you the BS forms.




