Fake browser warning your uncle might fall for delivers malicious trojan

Hackers have an almost unlimited number of ways to install malware on the computers of unsuspecting people. One of the more effective ones is, paradoxically itself, preying on the fear of being hacked.

A good example is the fake warning above. It's designed to resemble the alerts that Chrome, Firefox, and most other browsers display when a user tries to visit a site known to be malicious. It allows people to visit the site only by clicking a button acknowledging the risk.

In fact, the above warning is generated by attackers pushing ZeuS, a highly malicious computer trojan that steals online banking credentials and makes infected computers part of a botnet that can carry out a variety of other criminal acts. Researchers from PhishLabs who came across the warning still don't know exactly how people encounter the advisory hoax. They were, however, able to track the malware that gets installed when a user falls for it and clicks the update button. It's tied to a ZeuS command and control server.

Read 1 remaining paragraphs | Comments