Antivirus News

Trusteer Warns That Zeus Trojan Bypasses Up-to-Date Anti-Virus Systems 77 Percent of the Time



Online Banking Malware Eludes Detection and Infects More than Two Thirds of
Machines
NEW YORK--(Business Wire)--
Trusteer, the customer protection company for online businesses, reported today
that the Zeus online banking Trojan infects machines that are running up-to-date
anti-virus programs up to 77 percent of the time. These findings are based on a
sample of more than 10,000 users of the Rapport browser security service, whose
machines were infected with the Zeus Trojan.

Zeus, which is also known as Zbot, WSNPOEM, NTOS and PRG, is the most prevalent
financial malware on the Internet today. It infects consumer PCs, waits for the
user to log onto a list of targeted banks and financial institutions, and then
steals their credentials which are sent to a remote server in real time. It can
also modify, in a user`s browser, the genuine web pages from a bank`s web
servers to ask for personal information such as payment card number and PIN, one
time passwords, etc.

The report released today by Trusteer found that the majority of Zeus infections
occur on machines which have an installed and up-to-date anti-virus product.
Specifically, Trusteer found that among Zeus infected machines:

• 31% had no Antivirus protection installed

• 14% had Antivirus protection installed, but signature files were not up to date

• 55% had up-to-date Antivirus protection installed

"When we set out to measure the efficiency of antivirus products in the wild
against Zeus, we had no idea what kind of results we would get," said Amit
Klein, CTO of Trusteer and head of the company`s research organization. "The
findings, that up-to-date anti-virus programs were only effective at blocking
Zeus infections 23 percent of the time, are disturbing. This is bad news for
consumers and banks, since the vast majority of Zeus infections are going
unnoticed."

About Rapport

Rapport from Trusteer is a lightweight browser plug-in plus security service
that acts like a vault inside the browser and prevents redirection of user
information to fraudulent websites. It protects personally identifiable
information (PII) and Web pages from unauthorized access and theft while users
are accessing sensitive Web sites. Trusteer also offers in-the-cloud reporting
services where unauthorized access attempts detected by Rapport are analyzed by
fraud experts who provide actionable intelligence to financial institutions.

About Trusteer

Trusteer enables online businesses to secure communications with their customers
over the Internet and protect PII from a user's keyboard into the company's Web
site. Trusteer's flagship product, Rapport, allows online banks, brokerages,
healthcare providers, and retailers to protect their customers from identity
theft and financial fraud. Unlike conventional approaches to Web security,
Rapport protects users' PII even if their computer is infected with malware
including Trojans and keyloggers, or is victimized by pharming or phishing
attacks. Trusteer is a privately held corporation led by former executives from
Cyota/RSA Security, Imperva, and NetScreen/Juniper.

Continue Reading