Steganogra-What? How Zeus Steals Your Banking Login & 2 Ways to Stop It

Ever hear the saying, “A picture is worth a thousand words?” In this case, a picture may be worth a thousand dollars — $1,000 — stolen from your bank account.

ZeusVM, a new variant of the Zeus banking trojan, collects your banking login details, masking secret transfers of your money to cyber-criminals’ accounts using legitimate login access to your account, and it does this all by hiding in digital photos.

This sneaky technique is called “steganography,” as reported by ComputerWorld AU:

Steganography has long been used by writers of malicious software. By embedding code in a file format that looks legitimate, there’s a chance the file will be given a green light by security software.

“From a webmaster point of view, images (especially ones that can be viewed) would appear harmless,” Segura wrote.

Hiding in plain sight: a story about a sneaky banking TrojanMalwarebytes blog explains:

The Zeus/Zbot Trojan is one the most notorious banking Trojans ever created; it’s so popular it gave birth to many offshoots and copycats.

The particularity of Zeus is that it acts as a “man-in-the-browser“ allowing cyber-crooks to collect personal information from its victims as well as to surreptitiously perform online transactions.

2 Ways to Take Out ZeusVM: First, The Hard Way

In the comments section of the Malwarebytes blog post, the author of the blog post offers one method to avoid ZeusVM from accessing your login details:

Safe mode is a little deceiving as it wasn’t created to protect against threats but rather to be able to boot up Windows when there are some problems (typically with system drivers).

A better solution is to use a Linux Live CD which runs a clean operating system that is loaded on a read-only media. It takes a minute or two to boot up but may be worth the peace of mind.

More info on live CDs here:

If you’re not apt to run a Live CD every single time you need to log into your account(s), there is an easier, more proactive solution.

Now, The Easy Way to Stop ZeusVM

Steganogra-What? How Zeus Steals Your Banking Login & 2 Ways to Stop ItRaxco’s PerfectGuard multiple antilogger software works like a charm: download it, install it, and enable all protection modules with the click of a button to activate real-time protection and put a stop to the hidden threats your antivirus misses:

  • Prevent keyloggers recording what you type into your keyboard, like usernames and passwords (including pre-encryption SSL data you type into seemingly “secure” pages), social security numbers and private conversations.
  • Block malware that capture screenshots from your monitor to protect your viewing privacy and critical information typed into virtual on-screen keyboards, including vulnerable data entered into seemingly secure web pages.
  • Prevent webcam hijackers recording what your webcam sees – whether it’s on or off – as some spies can watch you while your webcam indicator light is off.
  • Block the recording of cut, copied and pasted items, like usernames and passwords stored in a file for critical financial or email accounts.

Learn more about PerfectGuard or download a fully functional 15-day free trial and protect yourself now.

Category: PC ProtectionPerfectGuard