The Zeus Botnet continues to evolve and shift in focus from
its traditional targets, banks and their customers, to other money-handling
institutions like electronic money and online payment systems, according to a new
report.
The shift has been going on for months and likely follows
policy moves by banks to protect themselves and their customers from the
malicious theft of personal and financial information.
The report, by security firm Trusteer, says firms like Nochex, a small-business centered online payment company, Web Money and Money Booker have all been the target of multiple Zeus variants – 26 in the case of Money Booker, a service that allows consumers to make online payments without the hindrance
of having to disclose personal information. Among the most
recent Zeus victims are prepaid debit card provider, netSpend and ‘money-like’ currency
and wire transfer service, e-gold, which has been accused of violating money laundering laws.
Businesses
are increasingly turning to online
services to handle financial transactions.
Coffee giant Starbucks recently announced that
they would be accepting mobile payments via iPhone, iPod Touch, and Blackberry
at some 8,000 pilot locations, according
to a report from Techspot. In order to use this method of payment,
consumers must first download an app from Starbucks. The app essentially turns
one’s smart phone into a Starbucks gift card onto which they can add money via
PayPal or credit card.
Trusteer believes that attacks on these sorts of payment
methods will increase in months and years to come and the companies providing
these services must be ready to defend themselves and their customers.