With just a few more shopping days available before Christmas, cybercriminals are taking advantage of online shoppers’ frenzied buying habits by injecting the Zeus Panda banking trojan into a wide range of retail and travel sites and by spreading the malware through malspam.
Proofpoint reported that attackers are spreading Zeus Panda, which is normally a banking trojan, to non-banking targets such as consumer and e-commerce sites to take advantage of the higher-than-usual credit card use and traffic those sites see during the holiday period. Zeus Panda is a useful criminal tool for attacking users of non-banking sites because it can be configured to steal credit card numbers, addresses, phone numbers, birth dates, Social Security numbers, and security question-related information such as mother’s maiden name.
So far, UK and Canadian firms have headed up the target list, with cybercriminals either using an email with a malicious attachment to drop Zeus Panda or using malicious ads that have been inserted into compromised websites. The malware then waits until the user visits an online store or bank and quietly steals the person’s payment information.