Malware That Changed The World – The Zeus Virus

A security firm recently announced that a particularly nasty virus, Zeus, has returned.

Zeus didn’t do too much damage last time around but the new variant is considerably stronger than it’s predecessor.

Zeus is basically a combination of a key logger and a Trojan that can get login details and send them to a remote server. It has already infected around 1 in every 3,000 computers that Trusteer monitor in the U.K. (this equates to around 1,800 machines as Trusteer monitors approximately 5.5 million PCs)

 

the Zeus virus

the Zeus virus

The rise of Zeus was first noted back in September 2009 when an online customer protection company, Trusteer, first described it’s capabilities.

Zeus infects machines running Microsoft’s Windows operating systems.

The malware enters the system via a browser, such as Internet Explorer or Firefox, and then infects the svchost file.

Zeus will then record a user’s keystrokes if they enter one of the targeted websites on it’s attack list.

The websites that Zeus attacks are banks and other financial institutions.

The criminals behind Zeus then either use the information that has been logged to get into bank accounts and steal directly or they sell the data on to third parties.

If you haven’t previously heard of Zeus it may be because it has gone by other names in the past such as Zbot, WSNPOEM, NTOS and PRG.

Ultimately, however, the name is unimportant as all the versions have the same aim which is to steal your money.

The return of Zeus is, perhaps, a little surprising as it’s command and control system had been disabled back in March when the Kazakhstani ISP that was administering it was cut off.

There are a very few security system present today that can quarantine Zeus infected files or remove Zeus from an infected system.

Therefore the best security against Zeus is to prevent it from getting installed in the first place by following sound security practices.

Only time will tell whether Zeus will become as notorious as Conficker but it probably already warrants a place amongst some of the other notable pieces of malware that have been released during the internet’s short history.

Read more : Malware That Changed The World

About Lee Munson

Lee's non-technical background allows him to write about internet security in a clear way that is understandable to both IT professionals and people just like you who need simple answers to your security questions.

Trackbacks

  1. […] botnet that is using this flaw in the PDF software is called Zeus and they have a pretty ingenious way of accomplishing […]

  2. […] There are new attacks invented every day but only a small minority of them change the world. […]

Speak Your Mind

*