Akamai Warns Fortune 500 of High-Risk reat from Zeus Crimeware

June 10, 2014 Akamai Warns Fortune 500 of High-Risk Threat from Zeus Crimeware

Akamai Contacts Rob Morton

Media Relations

617-444-3641

rmorton@akamai.com

or

Tom Barth

Investor Relations

617-274-7130

tbarth@akamai.com

CAMBRIDGE, MA - June 10, 2014 - Akamai Technologies, Inc. (NASDAQ: AKAM), the leading provider of cloud services for delivering, optimising and securing online content and business applications, today released, through the companys Prolexic Security Engineering & Response Team (PLXsert), a new cybersecurity threat advisory. The advisory alerts Fortune 500 enterprises to a high-risk threat of continued breaches from the Zeus framework. Malicious actors may use the Zeus crimeware kit to steal login credentials and gain access to web-based enterprise applications or online banking accounts. The advisory is available for download at www.prolexic.com/zeus.

The Zeus framework is a powerhouse crimeware kit that enterprises need to know about to better defend against it, said Stuart Scholly, senior vice president and general manager, Security Business Unit, Akamai. Its hard to detect, easy to use, and flexible - and its being used to breach enterprises across multiple industries.

Responsible for recent data breaches

Malicious actors using the Zeus crimeware kit have been responsible for several recent high-profile cybersecurity breaches of Fortune 500 firms. Computers, smart phones and tablets infested with the Zeus bot (zbot) malware become agents for criminals - serving a malicious master, sharing user data, and becoming part of a botnet to attack computer systems.

Using the kit, attackers harvest data, such as login usernames and passwords, as entered from a web browser on an infected device. In addition, an attacker may insert additional fields into the display of a web form on a legitimate website to trick the user into supplying more data than a site usually requires, such as a PIN number on a banking site. Attackers can even remotely request the users machine take a screenshot of the current display at any time.

All data requested by the attacker is sent back to a command and control panel, where it can be sorted, searched, used or sold. The harvested data is likely to be used for identify theft. It could also be sold to competitors or used to publicly embarrass a firm.

Stealing enterprise access and trade secrets

Many enterprise applications and cloud-based services are accessible from the web. Platform-as-a-service (PaaS) and software-as-a-service (SaaS) vendors are at risk of being victimized and may face the loss of confidential customer information, trade secrets, data integrity, reputation and more.

Employees, customers and business partners may unintentionally download the Zeus malware onto their enterprise computers or personal devices. When they subsequently login from the web using the device, they may inadvertently hand confidential information to malicious actors. With so many devices already infected, attackers may mine that data for credentials for specific web-based applications or services, bringing together a wealth of information from a large number of users to target a specific site.

Anti-virus software may not detect Zeus malware

The Zeus framework has been used to spread malware and gather information for many years. Its ignoble success is due in large part of its extreme stealth. Files are hidden, content is obfuscated, firewalls are disabled, and communication can be distributed. A Zeus tracking organization estimates the antivirus detection rate for Zeus at only 39.5 percent. Even devices with anti-virus software installed may be infected.

Enterprises advised to take steps to secure their network environment

Zeus is insidious, even in the most secure environments, Scholly noted. Users are tricked into running programs that infect their devices, so strict enforcement of organizational security policies and user education can help. Enterprises are encouraged to develop a rigorous website security profile that includes a web application firewall. This approach can disrupt Zeus communication patterns and help prevent data breaches and file scanning attempts.

Get the Zeus Crimeware Kit Threat Advisory to learn more

In the advisory, PLXsert shares its analysis and details about the Zeus framework, including:

Origins and variations

How the kit works

Indicators of infestation

The process of infection

Remote command execution

A lab simulation showing its power and threat

Recommended mitigation

A complimentary copy of the threat advisory is available for download at www.prolexic.com/zeus.

About Akamai

Akamai is the leading provider of cloud services for delivering, optimising and securing online content and business applications. At the core of the Companys solutions is the Akamai Intelligent Platform providing extensive reach, coupled with first class reliability, security, visibility and expertise. Akamai removes the complexities of connecting the increasingly mobile world, supporting 24/7 consumer demand, and enabling enterprises to securely leverage the cloud. To learn more about how Akamai is accelerating the pace of innovation in a hyperconnected world, please visit www.akamai.com or blogs.akamai.com, and follow @Akamai on Twitter.

Top

LINK:	http://uk.akamai.com/html/about/press/releases/2014/press-061014.html...
	See more stories from akami

Most recent headlines