Zeus Gang Sets Sights on Charles Schwab Accounts

Kara Reeder

While authorities were arresting more than 100 members of one Zeus gang, another gang was using the botnet to target Charles Schwab investment accounts, according to Fortinet's Derek Manky.


Computerworld reports that the attacks come from messages disguised as LinkedIn reminders that include links to malicious sites, which then hits the Windows PC with numerous drive-by exploits, looking for one that works. Once Zeus finds its way onto a PC, it silently captures log-in credentials for numerous online banks, including usernames and passwords for Schwab accounts. But it does something else:

The attack code also injects a bogus form that asks victims to provide additional information the thieves can later use to confirm that they are the legitimate owner of the Schwab investment account. On that form are fields asking for the user's mother's maiden name, driver license number and employer.

Manky says the fake form can appear while a user is on the legitimate Schwab site, making it impossible for the user to know the form was bogus. With this valuable information in hand, thieves can not only pillage accounts for cash, but also sell securities to restock the cash account for further withdrawals.

More from Our Network

Add Comment      Leave a comment on this blog post

Post a comment





(Maximum characters: 1200). You have 1200 characters left.



Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.


Resource centers

Business Intelligence

Business performance information for strategic and operational decision-making


SOA uses interoperable services grouped around business processes to ease data integration

Data Warehousing

Data warehousing helps companies make sense of their operational data