http://www.computerworld.com/s/article/9246405/Zeus_banking_malware_hides_a_crucial_file_in_a_photo
By Jeremy Kirk
IDG News Service
February 18, 2014
A newly discovered variant of the notorious Zeus banking trojan is
disguising a crucial configuration code in a digital photo, a technique
known as steganography.
Zeus is one of the most effective tools to steal online banking details,
hijacking login details as a person accesses his account and masking
secret transfers in the background.
The variant, called ZeusVM, downloads a configuration file that contains
the domains of banks that the malware is instructed to intervene in during
a transaction, wrote Jerome Segura, a senior security researcher with
Malwarebytes. He wrote the behavior was first noticed by a French security
researcher who writes under the name Xylitol.
"The malware was retrieving a JPG image hosted on the same server as were
other malware components," Segura wrote.
[...]
--
Subscribe to InfoSec News
http://www.infosecnews.org/subscribe-to-infosec-news/
