Zeus Malware Uses Facebook To Drain Bank Accounts

The Zeus malware that drains bank accounts is back — and this time it’s alive and well on Facebook.

TrendMicro recently published a chilling graph that demonstrated the resurgence of this classic Trojan virus which a Russian crime syndicate known as the Russian Business Network uses to steal money from victim’s bank accounts. The Zeus and related Trojan viruses surged in February and hit a peak in May.

Despite being six years old, the Zeus malware continues to thrive. In its current incarnation, it is taking advantage of Facebook psychology to infect millions of computers in the United States.

Eric Feinberg, founder of a group called Fans Against Kounterfeit Enterprise (FAKE), told The New York Times that they have noticed an increase in fake Facebook profile pages that encourage people to click on dangerous links that infect their computer.

One example was a group called “Bring the N.F.L. To Los Angeles.” When Feinberg asked a security lab to test some of the links posted on the page, they confirmed that they contained the Zeus malware.

Unlike some malicious viruses, the Zeus malware doesn’t try to crash your computer. Instead, it waits quietly until the victim logs into a banking site and then harvests the log-in information so that the crime syndicate can drain the bank account.

In an added twist, some versions can replace the genuine bank Web site with a lookalike page that asks you for Social Security numbers and other financial information. If you’ve recently been warned by your credit card company or bank not to answer those questions — as I have — well, now you know why. Even though your bank account may have already been drained by the criminals, they can squeeze additional value from the malware by selling your Social Security number and other information on the black market.

Feinberg has complained that Facebook isn’t doing enough to fight the Zeus malware. Facebook has fired back that it does actively scan for malware. They also noted that users are free to sign up for services that scan and remove malware from devices.

Feinberg would prefer that fake profiles not be posted on Facebook in the first place. However, any move Facebook would make to fight fakes would also make it more difficult for legitimate people to quickly open new accounts.

What more do you think Facebook can or should do to fight the Zeus malware bank account draining Trojan virus?

[photo by Chad McDermott via Shutterstock]