Zeus malware-botnet spotted on Salesforce.com - BestCyberNews: Online News Presenter in the present world

BestCyberNews: Online News Presenter in the present world

Start knowing

test banner


Zeus malware-botnet spotted on Salesforce.com

Security vendor Adallom warns, they are found the Zeus banking malware tuned to use to attack in new ways, the Zeus malware is known to steal banking credentials to siphon off victims funds.

Zeus is the top banking Trojan, according to Dell SecureWorks, which made major discoveries about criminally-operated botnets based on the malware that date back to 2007. 

According to Adallom, Zeus malware was detected targeting an individual's Windows-based computer in order to get into Saleforce.com as the victim logged in.
Then quickly gathered up a large amount of Salesforce business data through a kind of web-crawling action, cloud-based security-monitoring service spotted the ongoing attack on one of its customers.

The Adallom technology detects anomalies in SaaS usage or clearly unauthorized behavior, it can flag the security manager. It will also watch for distinct signs of trouble that there’s a compromise, such as simultaneous activities that appear to put the user in two geographic locations at once, perhaps California and China. 

Tal Klein, vice president of marketing at the Menlo Park, Calif said, Adallom’s SAML proxy approach does not interfere with other identity-management and authentication processes used by the enterprise, including cloud-based access management and provisioning from Okta or Ping Identity.

Arbor Networks recently put forward an analysis of one botnet version, Gameover Zeus, whose toolkit dates to 2011. Zeus is often described as sophisticated banking Trojan malware that can execute an array of financially-oriented attacks, such as grabbing online credentials and siphoning off funds in payment systems to enrich attackers running complex botnet operations that often involve "money mules" as well.

Author Venkatesh Yalagandula Follow us Google + and Facebook and Twitter

No comments:

Post a Comment