A new Zeus Trojan variant that is targeting the Canadian human resources and payroll service provider, Ceridian. The attack mixes malware infection with social engineering. Zeus takes a screenshot of Ceridian s log-in, then, when a user with an infected machine attempts to log in to the Ceridian website, Zeus steals that user’s ID, password, company ID, company identification number, and an icon used as part of a secondary, image-based authentication system. These sorts of attacks can be quite lucrative, and going forward, Trusteer’s Amit Klein believes they will be increasingly commonplace.
Source: https://threatpost.com/zeus-variant-targeting-cloud-based-payroll-service-041012/76426/