Security Corner

Sep 30 2010   11:59PM GMT

LinkedIn Target of Spam Intended to Infect Users with Zeus Trojan



Posted by: Ken Harthun
Tags:
Cybercrime
LinkedIn
spam
Zeus Trojan

On Monday, some members of the business social network LinkedIn were emailed LinkedIn Alert messages with a link that masqueraded as a contact request. It was the largest such attack known to day. Cisco reports in a blog post:

Clicking the link takes victims to a web page that says, “PLEASE WAITING…. 4 SECONDS,” and redirects them to Google. During those four seconds, the victim’s PC is infected with the ZeuS data-theft malware via a drive-by download.

It is thought that the attackers were targeting business users who would likely have financial responsibility in order to gain access to funds in bank accounts. In case you’re not familiar with what Zeus does, here’s info from Wikipedia:

Zeus (also known as Zbot, PRG, Wsnpoem, Gorhax and Kneber) is a Trojan horse that steals banking information by keystroke logging. Zeus is spread mainly through drive-by downloads and phishing schemes. First identified in July 2007 when it was used to steal information from the United States Department of Transportation, it became more widespread in March 2009. In June 2009, security company Prevx discovered that Zeus had compromised over 74,000 FTP accounts on websites of such companies as the Bank of America, NASA, Monster, ABC, Oracle, Cisco, Amazon, and BusinessWeek.

It is still active in 2010. On July 14, 2010, security firm Trusteer filed a report which says that the credit cards of more than 15 unnamed US banks have been compromised.[8] A recent outbreak is being called Kneber.

Better be careful and delete any suspicious items if you are a LinkedIn member.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: