Zeus malware targets LinkedIn users

Cisco security researchers have positively identified a malicious spam campaign targeting LinkedIn users with fake contact requests.

Unsurprisingly, the e-mail “contact” message contains a nefarious link that, if followed by the recipient, attempts to install malicious software.

According to Cisco, the malware associated with the LinkedIn campaign is a variant of the Zeus data theft family which operates by embedding itself in a user’s web browser. 

The malware is then well positioned to execute various malicious tasks, including stealing a user’s online banking credentials.

“Targeting social network users for distributing financial malware is a smart move for the criminals. These attacks are much more likely to succeed than phishing attacks on banks,” security expert and Trusteer CEO Mickey Boodaei told GlobalSecurityMag.

“Once Zeus [is] installed on the user’s computer then the criminals get access not only to login information – but also to real-time transactions and other sensitive information on the victim’s computer.”

Boodaei also warned that Zeus malware was currently being modified by cybercriminals to attack smartphone users.

“The spread of Zeus into mobile platforms marks the beginning of a new era of malware mobility. What’s dangerous in this approach is that the same malware controls two communication channels: the PC and the mobile device.

“As a result, [Zeus] can launch extremely effective attacks against banks and organizations that rely on these two channels for authentication and transactions,” he added.