#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Insider Risk Management

Zeus | Breaking Cybersecurity News | The Hacker News

FBI's Most-Wanted Zeus and IcedID Malware Mastermind Pleads Guilty

FBI's Most-Wanted Zeus and IcedID Malware Mastermind Pleads Guilty

Feb 18, 2024 Malware / Cybercrime
A Ukrainian national has pleaded guilty in the U.S. to his role in two different malware schemes, Zeus and IcedID, between May 2009 and February 2021. Vyacheslav Igorevich Penchukov (aka Vyacheslav Igoravich Andreev, father, and tank), 37, was  arrested  by Swiss authorities in October 2022 and extradited to the U.S. last year. He was added to the FBI's most-wanted list in 2012. The U.S. Department of Justice (DoJ)  described  Penchukov as a "leader of two prolific malware groups" that infected thousands of computers with malware, leading to ransomware and the theft of millions of dollars. This included the Zeus banking trojan that facilitated the theft of bank account information, passwords, personal identification numbers, and other details necessary to login to online banking accounts. Penchukov and his co-conspirators, as part of the "wide-ranging racketeering enterprise" dubbed Jabber Zeus gang, then masqueraded as employees of the victims to initiate
FBI Offers $3 Million Reward For Arrest Of Russian Hacker

FBI Offers $3 Million Reward For Arrest Of Russian Hacker

Feb 25, 2015
The US State Department and the Federal Bureau of Investigation announced Tuesday a $3 Million reward for the information leading to the direct arrest or conviction of Evgeniy Mikhailovich Bogachev , one of the most wanted hacking suspects accused of stealing hundreds of millions of dollars with his malware. This is the highest bounty U.S. authorities have ever offered in any cyber case in its history. The 30-year-old Russian man who, according to bureau, is an alleged leader of a cyber criminal group who developed the GameOver Zeus botnet . STOLE MORE THAN $100 MILLION Evgeniy Mikhailovich Bogachev, also known under the aliases " lucky12345 ," " Slavik ," and " Pollingsoon, " was the mastermind behind the GameOver Zeus botnet , which was allegedly used by cybercriminals to infect more than 1 Million computers and resulted in more than $100 Million in losses since 2011. GameOver Zeus makes fraudulent transactions from online bank account
New Pushdo Malware Hacks 11,000 Computers in Just 24 Hours

New Pushdo Malware Hacks 11,000 Computers in Just 24 Hours

Jul 17, 2014
One of the oldest active malware families, Pushdo, is again making its way onto the Internet and has recently infected more than 11,000 computers in just 24 hours. Pushdo, a multipurpose Trojan, is primarily known for delivering financial malware such as ZeuS and SpyEye onto infected computers or to deliver spam campaigns through a commonly associated components called Cutwail that are frequently installed on compromised PCs. Pushdo was first seen over 7 years ago and was a very prolific virus in 2007. Now, a new variant of the malware is being updated to leverage a new domain-generation algorithm (DGA) as a fallback mechanism to its normal command-and-control (C&C) communication methods. DGAs are used to dynamically generating a list of domain names based on an algorithm and only making one live at a time, blocking on 'seen' Command & Control domain names becomes nearly impossible. With the help of a DGA, cyber criminals could have a series of advantages
cyber security

Guide: Secure Your Privileged Access with Our Expert-Approved Template

websiteDelineaIT Security / Access Control Security
Transform your Privileged Access Management with our Policy Template—over 40 expertly crafted statements to elevate compliance and streamline your security.
A SaaS Security Challenge: Getting Permissions All in One Place

A SaaS Security Challenge: Getting Permissions All in One Place 

May 08, 2024Attack Surface / SaaS Security
Permissions in SaaS platforms like Salesforce, Workday, and Microsoft 365 are remarkably precise. They spell out exactly which users have access to which data sets. The terminology differs between apps, but each user's base permission is determined by their role, while additional permissions may be granted based on tasks or projects they are involved with. Layered on top of that are custom permissions required by an individual user.  For example, look at a sales rep who is involved in a tiger team investigating churn while also training two new employees. The sales rep's role would grant her one set of permissions to access prospect data, while the tiger team project would grant access to existing customer data. Meanwhile, special permissions are set up, providing the sales rep with visibility into the accounts of the two new employees. While these permissions are precise, however, they are also very complex. Application admins don't have a single screen within these applications th
After Takedown, GameOver Zeus Banking Trojan Returns Again

After Takedown, GameOver Zeus Banking Trojan Returns Again

Jul 12, 2014
A month after the FBI and Europol took down the GameOver Zeus botnet by seizing servers and disrupting the botnet's operation, security researchers have unearthed a new variant of malware based explicitly on the same Gameover ZeuS that compromised users' computers and collectively formed a massive botnet. GAMEOVER ZEUS TROJAN The massive botnet, essentially a collection of zombie computers, specifically was designed to steal banking passwords with the capability to perform Denial of Service (DoS) attacks on banks and other financial institutions in order to deny legitimate users access to the site, so that the thefts kept hidden from the users. As a result of it, Gameover ZeuS' developers have stolen more than $100 million from banks, businesses and consumers worldwide. NEW GAMEOVER ZEUS TROJAN On Thursday, security researchers at the security firm Malcovery came across a series of new spam campaigns that were distributing a piece of malware based on the Gameover Zeus code which
ZeuS Botnet Updating Infected Systems with Rootkit-Equipped Trojan

ZeuS Botnet Updating Infected Systems with Rootkit-Equipped Trojan

Apr 21, 2014
ZeuS , or Zbot is one of the oldest families of financial malware , it is a Trojan horse capable to carry out various malicious and criminal tasks and is often used to steal banking information. It is distributed to a wide audience, primarily through infected web pages, spam campaigns and drive-by downloads. Earlier this month, Comodo AV labs identified a dangerous variant of ZeuS Banking Trojan which is signed by stolen Digital Certificate belonging to Microsoft Developer to avoid detection from Web browsers and anti-virus systems.  FREE! FREE! ZeuS BRINGS ROOTKIT UPDATE Recently, the security researcher, Kan Chen at Fortinet has found that P2P Zeus botnet is updating its bots/infected systems with updates version that has the capability to drop a rootkit into infected systems and hides the trojan to prevent the removal of malicious files and registry entries. The new variant also double check for the earlier installed version (0x38) of ZeuS trojan on the infecte
Cybersecurity
Expert Insights
Cybersecurity Resources