“Strange story … getting headlines … nobody really saying anything … if we knew more, it would be interesting”.
— Steve Gibson, Security Now Podcast, 3 June 2014
Steve explains that this became news because a court in Pittsburgh allowed the FBI to interfere with this existing criminal botnet. The FBI could not legally interfere with it (shut it down) without this court order. The court granted the FBI permission to interfere with the botnet for a limited duration: 2 weeks.
Presumably this is the basis of the “2-weeks” alarm message that is being spread widely in the UK media (BBC, national press, malware software vendors, etc.). I’ve not seen an explanation of why “2-weeks” is reported in the media. Presumably, after the 2-week window ends, the FBI will no longer have control of the botnet.
The message is getting through. Relatives are asking me about it. I hear comments at work. People are scared.
Zeus is malware that watches what the computer is doing and is banking-account aware. In the USA, there is no protection for business accounts against this crime. A valid transfer request (mainly wire transfers) is a valid request in the bank's eyes. The bank does not care whether it came from the legitimate user or the criminal.
Meantime, yesterday we took one of those phone calls from India where the caller said “I’m from Microsoft Technical Support, and we are calling to inform you that we have detected a virus on your computer.”