Facebook warns users of the return of Zeus Trojan horse targeting their bank accounts.
The malware was first identified in 2007 by the U.S Department of Transportation but became prevalent in 2009 when it attacked over 3.6 million computers in the U.S alone. The same year, over 1.5 phishing messages were placed in Facebook used to conceal the malware. In 2010, credit cards became the target affecting about 15 banks compromising around $70 million. In 2011, a few internet security vendors including McAfee claimed that the malware had retired following the arrest of 100 people using Zeus for bank fraud.
Just when we thought that the malware was long gone, it was recently detected by Facebook and other social networking sites in their system affecting some accounts. The malware was hiding itself on ads or videos that suddenly show up on the screen of the users. Once the user click the pop-up, the account will become phished and will start using the account to send messages to friends to do the same. That starts the malware infection.
The malware will stay in the user’s account until such time that the user decides to check his online banking account. The malware will be automatically activated to store usernames and passwords which will be used by the source to hack the bank account and steal everything.
There were rumors that a Russian Business Network group based in St. Petersburg, Russia is responsible for the rebirth of the Zeus Trojan horse. The same cybercrime organization is notorious for its illegal businesses including child pornography, spamming, phishing, and malware.
Facebook has already partnered with FBI for an in-depth investigation of this issue. The social network giant had also teamed up with online security companies McAfee and Symantec to develop an Antivirus Marketplace. This will provide free-trials of anti-virus software.
Meanwhile, users can take action in securing their Facebook and bank accounts by avoiding clicking on unknown links and using two-step verification for your bank accounts.
If you think your account has been compromised, you may go to the Facebook Security page.