The notorious ZeuS Banking Trojan seems to be immortal, like its Greek God namesake. In December it was reported that a new 64-bit version of this banking-focused credential stealer might soon be seen in the wild. This month, there are two reports of ZeuS variants on the loose, each with unique features for deceiving internet security.
Earlier this month, analysts at the security research firm Malcovery spotted the Gameover variant of ZeuS on the loose, disguised as an encrypted executable file. The encrypted file is able to slip past internet security because it does not appear to be an executable.
As in the past, the approach relies on spam email for delivery, infecting a victim using a malware downloader program called Upatre. A .zip file attached to the email contains Upatre, which first downloads the encrypted file from the Internet and then decrypts the file. The file is then placed in a new location with a new filename and is scheduled to execute in the future.
ZeuS is in the news again this week, with word of a new delivery method, according to researchers at the firm Malwarebytes. A variant called ZeusVM downloads a configuration file hidden in a JPEG image that contains the domains of the banks that the malware will target. This is a technique known as steganography and is intended to trick security systems into thinking the file is a harmless image.
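A defender-side check related to the image trick described above, as an added example that is not from the original article or from Malwarebytes: it walks a JPEG's marker structure and returns any bytes stored after the end-of-image marker, one place extra data can ride along in a file that still renders. The article does not say where ZeusVM hides its data, so the appended-data layout, the function names and the constructed sample bytes are assumptions.

```python
import struct

STANDALONE = {0x01, *range(0xD0, 0xD8)}  # TEM and RST0-7 have no length field

def skip_scan(data: bytes, pos: int) -> int:
    """Skip entropy-coded scan data; return the offset of the next real marker."""
    while True:
        pos = data.find(b"\xff", pos)
        if pos < 0 or pos + 1 >= len(data):
            raise ValueError("scan data runs to end of file")
        nxt = data[pos + 1]
        if nxt == 0x00 or 0xD0 <= nxt <= 0xD7:  # stuffed byte or restart marker
            pos += 2
        else:
            return pos

def jpeg_trailing_data(data: bytes) -> bytes:
    """Return the bytes that follow EOI; raise ValueError on a malformed file."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("missing SOI marker")
    pos = 2
    while pos < len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected a marker at offset {pos}")
        while pos < len(data) and data[pos] == 0xFF:  # skip fill bytes
            pos += 1
        if pos >= len(data):
            break
        marker, pos = data[pos], pos + 1
        if marker == 0xD9:                # EOI: the image ends here
            return data[pos:]
        if marker in STANDALONE:
            continue
        if pos + 2 > len(data):
            raise ValueError("truncated segment header")
        (length,) = struct.unpack(">H", data[pos:pos + 2])
        if length < 2 or pos + length > len(data):
            raise ValueError("segment length out of range")
        pos += length                     # length covers its own two bytes
        if marker == 0xDA:                # SOS: compressed data follows the header
            pos = skip_scan(data, pos)
    raise ValueError("no EOI marker found")

# Constructed marker-level sample (not a decodable image). The comment segment
# contains the bytes FF D9, which would fool a naive search for EOI.
SAMPLE_CLEAN = (b"\xff\xd8" + b"\xff\xe0\x00\x10" + b"JFIF\x00" + bytes(9)
                + b"\xff\xfe\x00\x06\xff\xd9ab"
                + b"\xff\xda\x00\x08\x01\x01\x00\x00\x3f\x00"
                + b"\x12\x34\xff\x00\x56\xff\xd0\x78" + b"\xff\xd9")
SAMPLE_TRAILING = SAMPLE_CLEAN + b"constructed-trailing-blob"
```

A non-empty result is a triage signal rather than a verdict, since some cameras and editors also append data after the image.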
There is at least the possibility of justice with these banking trojans, which cause financial harm to many. In January, the creator of a notorious imitation version of ZeuS called SpyEye pleaded guilty in US courts to wire and banking fraud charges related to his malware. Aleksandr Andreevich Panin, a Russian national known online as “Gribodemon”, was arrested by agents of Interpol in the Dominican Republic and deported to the US. The United States and Russia do not have an extradition treaty to deal with situations such as this. Russia has protested mistreatment claimed by Panin, including denial of medical care.
Panin’s case has focused attention on the threat that ZeuS-like software poses. Panin sold his version for under $1,000 to hackers and reports indicated that it resulted in many millions of dollars in financial theft in a short time period. One Panin customer may have reaped as much as $3.2 million in just 6 months using SpyEye. With that kind of money at stake, it will take extremely long prison sentences to provide any deterrent value.
Despite the best efforts of banks and other institutions, ZeuS and its clones continue to threaten security with their ability to steal digital certificates, log keystrokes and steal banking credentials. Stolen credentials can result in drained bank accounts and money transferred to the attacker's account. ZeuS’s main purpose is to keep stealing banking credentials. SSL certificates protect websites as well as their users from falling prey to such attacks, so these trojans use backdoors or other infected hosts to steal data at the server level.
ZeuS communicates with its command and control servers over peer-to-peer networks, most prominently the Tor anonymous network. Tor is completely legal and there isn’t a way to bring it down, frustrating the surveillance industry.
Your computer is safe from ZeuS if you use Comodo Internet Security. At worst, it will be isolated in the sandbox area where it will do no harm. If needed, free ZeuS removal software is available, such as the following from download.com: http://download.cnet.com/Zeus-Trojan-Remover/3000-8022_4-75183944.html