-5

How can I prevent from an attack like this?

http://www.youtube.com/watch?v=bgt98VajOv4

Edit: Sorry guys, I think I can't explain my question well. I don't want to secure myself from that trojan. I want to secure my users. There are lots of sensitive data in our pages and we need to secure these pages from trojans like zeus. Is there any way to validate my page is really my page or modified by any attacker?

Dogukan Demir
  • 1
  • 1

3 Answers3

1

A very obvious answer, Use an Anti-virus software along with an Anti-Malware software. NOTE: keep it updated to the latest virus definitions. Because having an anti-virus that is outdated is actually good for nothing. In this case, your data will be exposed only after your system is affected by a trojan. It can be affected by the files you copy/ open from an untrusted zone like an email attachment etc., There are so many antivirus programs available which are really good at tracking down the trojans. Install one and sweep out the Trojans !

Ebenezar John Paul
  • 2,874
  • 14
  • 23
0

I would agree with Ebenezar, Have anti virus updad should make you a bit safer, depending on what OS you are running. You could also in addition to having a up to date antivirus running

Check the urls you would receive on email on for example : Virustotal

which would be one of the techniques one would use if spreading this trojan.

Soap
  • 103
  • 5
0

You can't explain your question well, so its better to handle it as two separate questions.

  1. How can i secure my computer from Zeus Trojan?
  2. How can i know if my developed web pages are infected?

[1] As just said make use of Anti-Virus/Malware software, update it regularly and schedule at least weekly scans for each computer. Make sure that all of your systems software and OS are updated regularly. Use safe browsing tools/browser extension like NoScript, Adblock, WOT and read more by yourself about what these tools can do, this will also increase your cognition about web security issues.

[2] Many online services are available that can scan a site in search of malicious code just providing the site link (URL)
https://www.virustotal.com/#url
http://sitecheck.sucuri.net/scanner/
and so on...
If you are good enought, you can develop by yourself a tool that automates the process of scan using specific APIs provided by Google or Sucuri for example.

White Shadow
  • 66
  • 1
  • 3
  • virustotal and sucuri scans normal state of my page. If any user infected with zeus, zeus can inject some javascript files into my page. I don't want anyone to change my page or inject something. Zeus is not infected to my page, it's infected to my users. And they just think that they are login to my site but zeus gets their password before login to my page. – Dogukan Demir Oct 08 '13 at 05:37
  • Javascript is client-side executed, thats not feasible that Zeus can infect your site with Javascript injection. Seems to be that your fear some Cross Site Scripting attack. Anyway if you care about something (or someone) that can inject your site, you have to better understand some web application attack such as "SQL injection" or "Cross Site Scripting" (see the [top 10 threats by OWASP](https://www.owasp.org/index.php/Top_10_2013-Top_10) ) – White Shadow Oct 20 '13 at 11:25
  • And if your users are infected (and Zeus [keylogs](http://en.wikipedia.org/wiki/Keystroke_logging) their logins) you can't do anything else than say them to make use of anti-malware software as already said. – White Shadow Oct 20 '13 at 11:33
  • **WARNING:** WOT-ratings may be (partly) ok, but do **NOT install any WOT-software**, it can/must be considered as malware!!! - https://thehackernews.com/2016/11/web-of-trust-addon.html – DJCrashdummy Nov 11 '16 at 07:28