Security lessons in Zeus botnet raid on UK bank accounts

The well-read UK security news site The Register is carrying a story detailing how the operators of the Zeus botnet planted their sophisticated malware on thousands of UK bank customers’ computers, stole log-in information then raided the accounts for more than $1 million with the help of money mules.Bradley Anstis, vice president of technical strategy for M86 Security, which discovered the attack several weeks ago, told The Register that his company is providing information to the bank involved as well as law enforcement officials.He said the M86 identified the botnet a command and control server -- hosted in Moldova -- and downloaded log files from it.“It also found that the exploit pack used to seed the attack had claimed a much larger number of victims - as many as 300,000 machines. The vast majority were Windows boxes, but 4,000 Mac machines were also hit.“The logs also revealed that 3,000 online banking accounts had been victimised between 5 July and 4 August alone,” The Register said.Story here.This should be the big wake-up call for Mac users: it’s time to run an anti-virus application and firewall.We’re NOT going to get into the ever-raging fight about the intrinsic security of Macs vs. Windows. Banking Trojans like (continue reading...)