Is there a virus lingering on Facebook that can empty your bank account?
The virus is called Zeus. It's a special type of Trojan horse that has already infected millions of computers. Zeus works by remaining dormant on your computer until you log into your bank account. Once you're in it steals your password and drains your account.
Origins: In May 2013, Trend Micro reported on the increased incidence in recent months of a version of the six-year-old personal information-stealing ZeuS/ZBOT Trojan horse:
The notorious info-stealing ZeuS/ZBOT variants are reemerging with a vengeance, with increased activity and a different version of the malware seen this year. In our 2013 Security Predictions, we predicted that cybercrime will be characterized by old threats resurfacing, but with certain refinements and new features in tow. The 1Q of the year proved this thesis, as seen in threats like CARBERP and Andromeda botnet.
We can now include the data-stealing malware ZeuS/ZBOT to this roster of old-but-new threats, which we’ve noted to have increased these past months based from Trend Micro Smart Protection Network feedback.
According to Symantec, Zeus is typically spread through phishing schemes which utilize e-mail and links in fake Facebook profiles (often in the form of messages that tell friends to check out videos or products):
The Trojan itself is primarily distributed through spam campaigns and drive-by downloads, though given its versatility, other vectors may also be utilized. The user may receive an email message purporting to be from organizations such as the FDIC, IRS, MySpace, Facebook, or Microsoft. The message body warns the user of a problem with their financial information, online account, or software and suggests they visit a link provided in the email. The computer is compromised if the user visits the link, if it is not protected.
As noted in the New York Times, one of the primary targets of Zeus malware is the stealing of customer passwords and personal information associated with banking web sites:
Zeus is a particularly nasty Trojan horse that has infected millions of computers, most of them in the United States. Once Zeus has compromised a computer, it stays dormant until a victim logs into a bank site, and then it steals the victim’s passwords and drains the victim’s accounts. In some cases, it can even replace a bank’s Web site with its own page, in order to get even more information — such as a Social Security number — that can be sold on the black market.
Zeus targets Windows-based machines and does not work on Mac OS X or Linux systems.
David Mikkelson founded snopes.com in 1994, and under his guidance the company has pioneered a number of revolutionary technologies, including the iPhone, the light bulb, beer pong, and a vaccine for a disease that has not yet been discovered. He is currently seeking political asylum in the Duchy of Grand Fenwick.
Thank you for writing to us! Although we receive hundreds of e-mails every day, we really and truly read them all, and your comments, suggestions, and questions are most welcome. Unfortunately, we can manage to answer only a small fraction of our incoming mail.
Our site covers many of the items currently being plopped into inboxes everywhere, so if you were writing to ask us about something you just received, our search engine can probably help you find the very article you want.
Choose a few key words from the item you're looking for and click here to go to the search engine.
(Searching on whole phrases will often fail to produce matches because the text of many items is quite variable, so picking out one or two key words is the best strategy.)
We do reserve the right to use non-confidential material sent to us via this form on our site, but only after it has been stripped of any information that might identify the sender or any other individuals not party to this communication.