Zeus Trojan VirusTargets Online Shoppers

It was only a few weeks ago that I talked about an expected increase in online scams this festive period as more shoppers opt to buy their presents over the internet. Well, now is the time to introduce the latest of those: The Zeus Trojan.

Black-hat hackers have managed to install an illegal command and control infrastructure onto an unnamed site hosted on Amazon’s servers. Named as America’s number one most wanted botnet, Zeus was discovered on Amazon’s Elastic Compute Cloud (EC2) by security researchers on Wednesday.

For those who don’t know about ‘key stoke logging’, or ‘keylogging’, it is the practice of tracking (or logging) the keys struck on a keyboard, typically in a covert manner, so that the person using the keyboard is unaware that their actions are being monitored. Zeus just so happens to be one of these keyloggers. Through fake HTML forms, it is designed to steal data such as login credentials, account numbers and credit card information. It is already responsible for over $100 million in losses (mostly from bank fraud) in 2009 alone.

This incident is the first example of malware being found on Amazon Web Services infrastructure. Whilst details on how the website in question was actually hacked are so far being kept quiet, what we do know is that the software has now been removed from the server.

What this highlights once again is how we as users and they as services providers need to be aware to these threats constantly.  It's an ongoing threat that will never go away and one of these threats will catch you out eventually.  The trick is to be prepared for when it happens. Websites, corporations and end users should review their security features frequently to best avoid liability and keep an eye out for current known threat news on internet security forums.