Thales Blog

Zeus continues to reign on high

May 5, 2010

News last week that Zeus, a virus that steals online banking details from infected computer users, is more powerful than ever should come as no surprise.

The malware steals log-in information by recording keystrokes when the infected user is on a list of target websites. The user's data is then sent to a remote server to be used and sold on by cyber-criminals. Banks’ web sites are top of the target list.

Banks can protect their customers’ online banking from criminals by introducing two-factor authentication – either via the mobile or via a CAP reader. The passwords captured using the keystroke logger become useless without the second factor. Ultimately, two-factor authentication could be used for log-in and to sign transactions, but this is probably unwieldy for most online use – and security is always a balance of cost, security and usability. Savvy banks however have come up with a compromise: ask customers for usernames and passwords to log-in, but require two-factor authentication when customers wish to access or change sensitive information or authorise payments and transfers of funds.

Unfortunately not all banks have taken this approach, and until they do, their customers will remain vulnerable. Only by properly securing the internet banking process using two-factor authentication can banks start waging an equal war against the cyber criminal.