Shoppers are being reminded to be careful when purchasing goods online following a recent code update for Zeus Panda (aka Panda Banker) malware. In time for the festive season, the code update included a newly configured hit list targeting high street shops online as well as travel and online streaming sites – all intended to reflect the festive holiday shopping and habits of users.
The malicious code is injected into the websites and is designed to steal login credentials such as name, address, date of birth, mother’s maiden name, credit card information and mobile telephone number. Zeus Panda previously targeted the financial sector and has seen a relatively quiet 2017. As it is sold as a commercial malware, Zeus Panda is used by many criminal groups, and no particular group has been identified as being responsible for its use. Different variants of the malware over the past two years have been used to target payment systems, banks, airlines and online gaming sites. We would remind users of the importance of keeping antivirus services up to date, following safety warnings if shown by the web browser, and avoiding clicking on unknown links in unsolicited emails.
Duncan is a technology professional with over 20 years experience of working in various IT roles. He also has a wide range of other skills in radio, electronics and telecommunications.