Warning: A very sneaky and effective virus that steals online banking info.

Home Forums Computers / Electronics / Online Warning: A very sneaky and effective virus that steals online banking info.

Viewing 20 posts - 1 through 20 (of 20 total)
  • Author
  • #603199

    IMO, this particular virus is worse than most, because it can trick even those who are normally vigilant. That’s because it pops up when you yourself visit your bank’s website, which gives it the appearance of a legitimate part of the sign-in process. -icot

    One god-awful Zeus

    Virus makes money Hera today, gone tomorra

    by John Crudele

    (source: NYPOST’s website)

    I am now a full-fledged member of the Internet generation: Hackers planted a virus on my computer last week and nearly stole my bank accounts.

    The pop-up screen sent out by the virus sat right on top of my account statement and locked up the legitimate Chase site underneath. And the way the pop-up screen was positioned kept me from getting to the Chase customer service number.

    Security my [censored]! WhadyathinkImstupid?

    Zeus asked for the usual stuff: my Social Security number, date of birth, ATM card number, expiration date and my PIN code. It wanted the PIN code typed twice, like all legitimate organizations request.

    Why request anonymity? Because the people who are using Zeus to steal money might make him and his company a target.

    What they really wanted was to steal my identity using the details they requested, including the Social Security number. If I had been foolish enough to give up those eight government-issued numbers, the crooks could have taken out loans and credit cards in my name.

    (Incidentally, the folks at LifeLock, the company that sells products to fight identity theft, have been nice enough to keep a watch on all my accounts until the thieves decide to move on to other victims.)

    But two instances of this nonsense in less than a year make me wonder if we should all go back to passbook savings accounts and Christmas clubs.



    If a kind moderator or editor would change the </strong> that follows “(source: NYPOST’s website)” to </em>, I’d appreciate it.

    (It will also make the original post more readable.)



    It must be a slow day at the NY Post. This trojan is over 2 years old and isn’t much worse than alot of more current viruses. Just because a journalist gets a virus doesn’t make it significant.

    Mods: Please close this thread.



    You are correct that Zeus has been around for a while.

    With this, I disagree.

    1) The threat still exists. There are newer variations that are still being produced, and computers are still being infected.

    3) Anti-virus programs have had difficulty detecting and removing variants of this virus.

    5) This was/is a very widespread virus.

    6) If you are aware of more dangerous and pervasive PC computer threats, by all means publicize them.




    A virus can infect a computer by simply going to a website? Or by simply receiving an e-mail that you do NOT open any attachments? That seems to be the inference here, and I was not aware that to be the case. Otherwise, how can this virus infect ones computer?



    A virus can infect a computer by simply going to a website?

    Yes! Absolutely.

    Or by simply receiving an e-mail that you do NOT open any attachments?

    This was one I didn’t know the answer to (it has changed over time), so I did a bit of research (aka Googling).

    The best answer I can give is that it’s far less likely to get a virus by just opening the email itself (without opening any attachments or clicking on any links), but it is possible.




    Thank you. But HOW can simply viewing a website cause an infection? And if so, how can anyone ever go to a new website or any unfamiliar website (for example, found through google)?

    And how can it occur by simply viewing an email? And if so, how can people accept or read e-mails from people they don’t know?

    These are common everyday things.


    YW Moderator-42

    Derzooger, icot can probably answer this better but I’ll try 🙂

    If you have anti-virus software constantly watching your computer it is far less likely for you to be infected by simply openeing an email or web site. In order for a virus to infect you simply by opening an email, your email client has to run the code. I think that Gmail generally guards against this by not running any code in an email, they even block images which can sometimes contain malicious code (besides the obvious issues they may contain for a ben Torah). I would think that an email client like Outlook that is set to download the entire email is more likely to have such issues which is why you should have some sort of security software that scans emails as they come in (Gmail does this automatically for attachments though it’s not foolproof so don’t open suspicious attachments even if Gmail or any other program scanned it)

    In terms of web sites, you often have to click some sort of confirmation for it to affect you. These confirmations are often hidden in innocent looking yes/no type popups or more tricky ways such as the one described in the above article.



    “YW Moderator-42” doesn’t give himself enough credit – his answer is correct and well-explained.

    The way almost every type of virus works is that it tricks you or your computer into running something that shouldn’t be run. This can be thru scripting, tricking you into downloading and running something, or many other ways.

    Since there are several programs that can legitimately be needed to run in order to display a document, play a song, view a video and so on, if the “bad guys” find a vulnerability in one of those programs, they can exploit it to gain access to your PC.

    And if so, how can people accept or read e-mails from people they don’t know?

    I don’t have a good answer for you. Generally, I don’t open emails that look suspicious.

    This includes unsolicited emails from unknown senders, or even emails from my contacts that “just don’t smell right” – I’ve been sent emails from virus-infected computers, and a quick check (via a phone call) confirmed that the emails were fake.



    THANK YOU for posting this. I was a victim of this horrible virus and people need to know about this. This may have started years ago, but it is way worse now. You are right. It is very devcieving and much different than normal viruses. There is not one known Anti-Virus system that can catch it or detect ot before it happens. I believe that it is largere than personal computers being attacked. I really believe that these banking companies have been compromised in some way. — I found similar attacks when purchasing UNITED AIRLINE tickets a month ago, CAPITAL ONE login and CHASE. It is not a separate webiste…this thing is very serious. EVEN IF YOU do not have a CHASE acct, you can see this thing. HOW? Well, simply type chase.com , then enter a fake login and fake password and at the bottom of your window (or maybe in the URL) you will see MFASA ….this MFASA is also found in your REGISTRY . — In you Computer Windows ‘Search’ menu, type ‘regedit’, and you can search for MFASA under HKEY USERS through DOMAINS……ITS BAD and I have someone helping me get it out of my PC as we speak, but its horrible.

    AGAIN- thanks for the article and dont let these negative people ever hinder you from saying what needs to be said. Obviously, you have more experience and knowledge first hand.

    SHALOM and blessings from ARIZONA



    My sympathies – sounds like you had some major aggravation.

    Thank you for the kind words.



    About to fall off the page! People stay informed and protect yourselves!



    Can you write the specific steps to search for this virus in the Regedit?



    From YWN Main Site: (Link)

    Cyber Bank Robbers Attempt Billion-Dollar Heist, Targeting Your Money

    (Wednesday, June 27th, 2012)

    An organized global cyber crimewave has been underway for months, according to a report released today from security firms McAfee and Guardian Analytics, attacking banks in Columbia, Germany, Italy, the Netherlands, the United Kingdom and the U.S.

    A total of roughly $78 million was successfully siphoned out of bank accounts, according to researchers, with a potential total of $2 billion attempted. (Banks are understandably loathe to reveal losses and due to additional security concerns have not been identified.)

    First, you have to run some sort of anti-virus software. There are free basic versions out there from the likes of Avast, AVG, and BitDefender. Many of these monitor new threats and will warn you about suspicious Web pages.

    <a href=”http://www.foxnews.com/scitech/2012/06/26/cyber-bank-robbers-attempt-billion-dollar-heist-targeting-your-money/



    akuperma says: June 27, 2012 at 11:58 am



    I just found out that I have been paying third party non-authorized charges for a few years to Verizon. There is a class action suit, but I was informed by Verizon that under the terms of something or other, I must go to mediation, not lawsuit. I have no desire for a lawsuit l’chatchilah, only to get back what was wrongfully charged to me and paid. Anyone else have this experience? If so, how are you handling it?



    Basic web safety will protect you from many viruses like this.

    1- Enable your popup blocker. Web developers know how common pop-up blocking is and most legitimate sites will not use normal popups or popunders to ask for information.

    2- Install an anti-phishing addon that looks for suspicious things about sites. (For this you will need a fully functional browser browser, i.e. anything but IE or Safari)



    I clicked here from the main page, but the last post is from 2012?


    Little Froggie

    RY, I can’t beleive you’re posting a real (if you know what I mean) post!!

    I also noticed that. There are a lot of other things that have to get cleared up as well, don’t want to mention it “on air”. I guess they’re still working on things but decided to let us in even as they’re working on things… knowing how desperate we are.

    Again – THANK YOU, Administration and Editor.



    RY23, I believe the virus hit you.


    The reason this thread got bumped is that there was a spam post sent to this thread.

    That should not bump it, but it did. Add it to the list of items to be fixed on the new CR.

Viewing 20 posts - 1 through 20 (of 20 total)
  • You must be logged in to reply to this topic.