The online banking password stealing botnet known as Zeus has been uncovered as the weapon of choice for a group of hackers who have targeted Charles Schwab investment accounts recently.
Zeus has caused quite a stir in the online banking security world. Authorities are working overtime in attempting to crack down on cybercrooks who continually use Zeus to attack online banking accounts. In the latest attack on Charles Schwab investment accounts, authorities have made some headway by arresting more than 100 members of a Zeus gang just three weeks ago. Since then other gangs, such as the one who attacked Charles Schwab investment accounts, have popped up on the radar carrying out the typical method of siphoning cash and using hired 'money mules' to transfer the funds.
It is rather obvious that the cybercriminals who exploit Zeus to steal funds from online banking accounts, have expanded their outlook by delving into lucrative investment accounts. You can think of this as a classic bank robber's last hurrah or desperate attempt to 'make-away' with a big payout.
Although authorities have not identified the criminals in the Charles Schwab Zeus attack, they already suspect that Zeus activity will increase potentially to new types of banking accounts. That is exactly what has taken place in this case. By using the sophisticated Zeus bot, hackers are able to silently sneak onto a PC through an exploit and capture login credentials for a large number of online banks including Schwab accounts. The exploited vulnerabilities could be a 'Windows Help & Support Center' bug uncovered by a Google security engineer back in June. This same exploit was patched by Microsoft in July but researchers believe that the Zeus infections originated from messages posing as LinkedIn reminders messages. LinkedIn membership and investment banker account ownership are believed to have some type of association which cybercriminals were probably able to base the original infection off of to initially spread.
Zeus remains to be among the top botnets and is causing a pandemic for authorities in putting an end to cyber-gangs who use the malware to steal money from online accounts. Zeus has been virtually unstoppable in its time of existence and now has become a widely supported parasite by hackers. At this point, it is apparent that we won't see any stop to the arrests being made for newly uncovered Zeus gangs and money mules. Until we can find a way to put an end to the functionality of Zeus and lock up these criminals for a very long time, we will continually witness online banking theft.
What kind of punishment do you think cybercrooks who use Zeus to steal money from online banking accounts should receive? What type of punishment would it take to send a stern message deterring future cybercrooks from using Zeus to steal money from online bank accounts?