A couple of 20 year olds were arrested by the Metropolitan Police Service of Manchester for violating the 1990 Computer Misuse Act and the 2006 Fraud Act. They had configured the Zeus Trojan, a.k.a. Zbot, to steal victims bank account information, passwords, credit card numbers and other information.
Arrests “a breakthrough”
“The Zeus Trojan is a piece of malware used increasingly by criminals to obtain huge quantities of sensitive information from thousands of compromised computers around the world,” said Detective Inspector Colin Wetherill of the Metropolitan Police’s Central e-Crime Unit (PCeU), in a statement. “The arrests represent a considerable breakthrough in our increasing efforts to combat online criminality.”
Zeus widely available
The Zeus crimeware toolkit is widely available in the cyber-underworld for free or for purchase. It’s delivered to unsuspecting users via spam. It’s been reported that it’s easy to use and a powerful tool for stealing personal data from remote systems. It was initially linked to a group of online criminals known as “Rock Phish” that targeted financial institutions all over the globe. It has been reported that Facebook and MySpace users have been targeted in a recent spam campaign.
About Mailprotector
Mailprotector’s services protect your personal information from these types of Trojans. Our systems protect your Exchange server, or any mail server, from spam, viruses, Trojans, phishing attacks, and other email borne malware.
Security researchers recently found a Trojan that uses Facebook to communicate with its command and control server. The Trojan malware is being spread via e-mail through “documents (PDF, or MS Office formats) containing exploits for known vulnerabilities,” writes Andrea Lelli, a security analyst with Symantec Security Response. The malware works by contacting the mobile version of Facebook and using its Notes section.
Clues in the title
By analyzing the Trojan’s code, Lelli found that the Trojan will perform four different actions, depending on the notes’ titles that are found. If the title is Wells, the note will contain the timedate stamp for when a machine was infected. If it is WebServer, however, the note will contain a URL to be contacted from which the Trojan will receive commands, Lelli wrote.
“The real command and data processing is done through the remote URL that was received from the notes, and this URL may point anywhere,” Lelli blogged. “However … one could use a Facebook account as a C&C [command and control] server and this Trojan is able to successfully parse the Facebook html data, retrieve the wanted data from it, and also post new data to it (it may for example send stolen data to it in the form of a note in the same [way] as it sends a timedate stamp).”
The flipside
Social networks have been used to help control malware in the past. In August, Arbor Networks researcher Jose Nazario uncovered a botnet using Twitter to communicate with its army of compromised machines.
About Mailprotector
Mailprotector’s services prevent Trojans, viruses, spam, phishing attacks and other email borne malware from getting to your inbox and spreading havoc throughout your email infrastructure.
Facebook won a victory against a notorious spammer on October 29th when a federal judge awarded them $711 million. The judge found the spammer Sanford Wallace guilty of violating the Can-Spam Act as well as a restraining order. Wallace and two others used phishing sites and other methods to take control of Facebook accounts to use in their spamming operations.
Not the first lawsuit for “Spam King”
Sanford Wallace is better known as “Spam King” and “Spamford”. He’s been sued numerous times for spam and spyware related damages. Facebook attorney Sam O’Rourke was cautious about the win:
Facebook happy with outcome
“While we don’t expect to receive the vast majority of the award, we hope that this will act as a continued deterrent against these criminals,” blogged O’Rourke, Facebook’s lead counsel for litigation and intellectual property. “Most notably, the judge referred Wallace to the U.S. Attorney’s Office with a request that Wallace be prosecuted for criminal contempt, which means that in addition to the judgment, he now faces possible jail time. This is another important victory in our fight against spam. We will continue to pursue damages against other spammers.”
About Mailprotector
Mailprotector’s services help mitigate “Spam King’s” ways by blocking spam, spyware, phishing, Trojans, viruses, and other email borne malware to your inbox.
