Ir para o conteúdo
  • Revista PROGRAMAR: Já está disponível a edição #60 da revista programar. Faz já o download aqui!

IRX773

Almost all Fortune 500 companies show Zeus botnet activity

Mensagens Recomendadas

IRX773

Mais sobre as "peripécias" do Zeus (para quem ainda não tinha lido):

Up to 88% of Fortune 500 companies may have been affected by the Zeus trojan, according to research by RSA's FraudAction Anti-Trojan division, part of EMC. The trojan installs keystroke loggers to steal login credentials to banking, social networking, and e-mail accounts.

The botnet was first identified in 2007 and is still around today. The malware tends to be difficult to detect and remove, and several million machines worldwide are believed to be infected. The Zeus server-side components, used to collect the stolen data, surprisingly mimic techniques more commonly seen in the world of commercial software; the software is licensed (with fees ranging from several hundred to a few thousand dollars), and each installation is tied to the hardware it's installed on in a system reminiscent of Microsoft's software activation. The malware itself predominantly attacks Windows XP machines, though Windows Vista and Windows 7 variants are available for sale too.

The value of Zeus control servers is such that they have themselves become targets for hackers, seeking to steal the large caches of stolen data.

RSA's study examined data found on Zeus control servers, finding e-mail addresses and IP addresses belonging to many major corporations. There was evidence of some form of infection from almost all the Fortune 500 companies, with stolen e-mail in particular from around 60% percent. About 20 companies with significant consumer-focused brands such as Google were excluded from the study as the sheer volume of data prevented any meaningful analysis.

Smaller companies (those with fewer than 75,000 employees) appeared to have a higher proportion of infected employees, suggesting that perhaps larger corporations are more effective at securing their systems and data. Home computers not subject to corporate IT policy but used to access corporate mail and networks are a particularly high risk.

De reparar que é um grande número mas que, tal como indicado, empresas (20 delas) como a Google não foram "estudadas".

Daqui a pouco (e piada para gamers) tem de se chamar o Kratos do God of War para dar um kill no Zeus :thumbsup:

Partilhar esta mensagem


Ligação para a mensagem
Partilhar noutros sites

Crie uma conta ou ligue-se para comentar

Só membros podem comentar

Criar nova conta

Registe para ter uma conta na nossa comunidade. É fácil!

Registar nova conta

Entra

Já tem conta? Inicie sessão aqui.

Entrar Agora

×

Aviso Sobre Cookies

Ao usar este site você aceita os nossos Termos de Uso e Política de Privacidade. Este site usa cookies para disponibilizar funcionalidades personalizadas. Para mais informações visite esta página.