Excellent overview of Zeus, a popular “crimeware” application that is used with great frequency by hackers. Worth a read. Outstanding work by the Secureworks team.
Just one gripe with the report: “The CTU recommends that businesses and home users carry out online banking and financial transactions on isolated workstations that are not used for general Internet activities, such as web browsing and reading email which could increase the risk of infection.”
Hmmm. It’s this kind recommendation that gives security professionals a bad reputation but, fortunately, inspires excellent Dilbert cartoons:
The other recommendations, however, are reasonable:
“Keep your antivirus, operating system and software patches up to date. Also do not open suspicious e-mail attachments or links from people that you do not know and even if you do know them, check with them to find out if they sent you something prior to opening the email. Additionally, awareness for both customers and employees is crucial. In particular, employees who interface with clients should be made aware of these types of threats to help triage potential victims.”