Malware that was first spotted back in 2007 has made a comeback and is now propagating on Facebook. The Zeus banking Trojan operates by infecting Web browsers, often by “drive-by download” from a corrupted website. In this case, Zeus is spread via links posted on articles within Facebook. Once a link is clicked, the Trojan downloads and infects the user’s computer.

The Zeus Trojan has already infected millions of computers over the past six years, but infection rates had died down considerably until the early months of this year. What makes Zeus particularly worrisome is that once it has infected a system it goes dormant until it can accomplish its task. When a user logs on to a banking website, Zeus activates, capturing the username, password, routing information and any other personal financial information it can locate. Trend Micro, a company specializing in system security, reported that information-stealing ZeuS/ZBOT variants are reemerging with increased activity and new versions of malware.

“Old threats like [Zeus] can always make a comeback because cybercriminals profit from these,” Trend Micro’s Yaneza wrote. “Peddling stolen banking and other personal information from users is a lucrative business in the underground market.”

Chart by Trend Micro


The recent spike in malware has led to efforts from Facebook and the FBI to investigate the cybercriminals responsible for the increased activity. The problem is that cybercrime is an international affair, which makes it difficult to both locate and prosecute the offenders. Because it is unlikely that the Facebook Trojan problems will be sorted out anytime soon, it is important to use caution when using the service.

Here are a couple of tips to avoid getting the Zeus Trojan or malware in general:

  • Avoid clicking on unknown links, especially if you do not know the person posting them.
  • If you find yourself on a login screen after clicking a link, check the URL and make sure it’s actually the correct website. If you’re not sure, close out and go to the website manually.
  • Make sure you have updated antivirus software.
  • Use two-step verification on your online banking accounts.

– Richard Keene
IT Computer Support of New York
Design and Optimization Department