A new variant of the Zeus botnet called “Eurograbber” has managed to get around two-factor authentication of European bank customers to the tune of $47 million this year, reports CNet.
Security vendors Versafe and Check Point Software Technologies have released a report about the malware, which intercepts bank messages sent to customers’ phones as part of the authentication process.
This version of Zeus spreads through phishing attacks that trick people into clicking a malicious link. The link installs customized versions of the Zeus, SpyEye and CarBerp Trojans on the person’s computer.
When the victim next visits his bank’s site, the malware prompts him to enter a mobile phone number. It then encourages the user to upgrade his banking software; the supposed upgrade actually infects the user’s phone. The malware could then intercept the bank’s transaction authorization number and use it to transfer money out of the account.
Eurograbber has stolen about $47 million from around 30,000 bank accounts.