/v3-uk/news/1980256/zeus-targets-credit-card-authentication-services
15 Jul 2010, Shaun Nichols, V3
The infamous Zeus botnet has begun harvesting bank data by posing as a credit card verification scheme.
Security firm Trusteer said that the malware has been injecting phishing pages into systems, and that the pages harvest bank details along with personal identification information.
The pages purport to be from a bank, and ask the victim to fill out an 'enrolment form' for the Verified by Visa or Mastercard SecureCode programmes.
The Zeus botnet is particularly notorious for its phishing practices. Rather than attempt to redirect users to infected sites or phishing pages, the malware embeds itself within the system and generates phishing pages locally.
Trusteer explained that the malware waits for the user to log in to a banking site, and then generates phishing pages that resemble the user's own bank. The attack currently targets customers of at least 15 US financial institutions.
The stolen account data is then used to register accounts with the verification services and perform fraudulent transactions.
Zeus made headlines earlier this year when it moved from collecting financial data to harvesting information from government workers.
The infections have continued despite increased efforts to shut the botnet down. Trusteer estimates that the malware may infect as many as one in every 100 computers.