Stealth New Zeus Infection Campaign Targets Enterprises,Analyst Report

Zeus (AKA Zbot) is a highly effective Trojan that steals personal information and website login credentials.

Once downloaded, the Trojan injects itself into the browser and monitors all traffic. It then steals login credentials to sensitive websites. Zeus also changes web pages that users view, asking for additional sensitive information and sending it to the attackers.

Zeus now actively targets corporate users through an effective email campaign that asks Outlook Webmail users to update their settings.

The goal of this attack is to harvest credentials used to access enterprise web accounts such as banking, webmail, and CRM, financial, etc., SaaS applications.

Since Zeus is poorly detected by most antivirus programs, enterprises are advised to take special precautions to protect their assets including: educating employees about fraudulent emails regarding Outlook Web Access upgrades, blocking downloads of executable files and zip files through the web, and locking down browser settings to prevent the injection of unauthorized code into web sessions. 

Download Advisory