Users of the social notworking site LinkedIn started receiving shedloads of spam email messages in a bid to recruit them into the Zeus botnet.
From 10am yesterday users of the business-focused version of Facebook started getting mail with a fake contact request containing a malicious link.
Cisco Security Intelligence said that these messages accounted for as much as 24 percent of all spam sent within a 15-minute interval today.
If users were dumb enough to click on the links in the email they would be taken to a web page that says “PLEASE WAITING…. 4 SECONDS..” and then redirects them to Google.
While it looks like nothing has happened, during the four second the victim’s PC will be attempted to be infected with the ZeuS Malware.
ZeuS, also known as Zbot, WSNPOEM, NTOS and PRG, is the most prevalent banking malware platform for online fraud. Lots of cyber gangs are using it to empty bank accounts.
The program then waits for the user to log onto a list of targeted banks and financial institutions, and then steals login credentials and other data which are immediately sent to a remote server.
It can also modify, in a user’s browser, the genuine web pages from a bank’s web servers to ask forpayment card number and PIN, and passwords.
Lately there is even a version which targets mobile devices – ZeuS in the Mobile or “Ztimo”.
Cisco Security Researcher Henry Stern said that criminals were misusing brands familiar to business users to trick them into becoming infected by data stealing malware.
“They want to infect those users with access to large-dollar online commercial bank accounts.”
Stern said that the social notworking hack was interesting because of its scale. There must have been tens of billions of messages.
He thinks it is the same guys behind it who stole over $100 million from commercial bank accounts in 2009.