Zeus Trojan Kits Detected by RSA
On May 15, 2008, EMC's Service Division, RSA, an Internet security provider, released highlights of its April 2008 online fraud report, reported CSO on May 15, 2008.
The report revealed that Trojan infection kits, which are known as a 'ready-made Zeus attack infrastructure', are available in market on rent as well as for purchase and help in operating Zeus Trojan (or wsnpoem).
To make Trojan attacks, a compromised back-end server is required and after placing it, Zeus administration panel is installed with a username and a password.
According to the online report, even an unprofessional person can easily operate the Zeus administration panel, reported ITPRO on May 14, 2008.
Moreover, hackers can easily access a server, i.e., 'all-in-one' solution, which has in-built malicious tools and Zeus Trojan administration panel, revealed RSA online report.
The report explained that through this service, a hacker can easily access the new Zeus Trojan server, create malicious points and collect data as it contains all the required stages, as reported on May 14, 2008 by ITPRO.
Geoff Noble, Banking and Finance Specialist, RSA, said that Zeus packages, which are offered in the market, are sold in the name of security services that are offered by legitimate security vendors but this Zeus package is actually offering malware, reported CIO on May 15, 2008.
He further added that purchasing Zeus is like purchasing a traditional software support and maintenance and this means that fraudster can easily carry on his business without updating or patching the system.
Moreover, with the help of this package, hackers can easily infect Internet users, create botnet of infection-prone machines and possess a Web hosting control panel, which can be easily operated by anyone.
Thus, this package helps in establishing a Zeus infrastructure and successful implementation of the Zeus attacks more easily, says the online report, reported CIO on May 15, 2008.
According to Anti-Fraud Command Centre (AFCC), when an infected Internet user accesses specific Website, the Zeus Trojan allows advanced logging. When the information collected by this Trojan is send to collection point, it is encrypted and can be easily forwarded to SSL encryption.
Related article: Zeus Trojan Stole Huge Amount of Information
» SPAMfighter News - 19-05-2008