Intense Competition between Zeus and SpyEye

Creators of the Zeus Trojan are competing with those of SpyEye. Both SpyEye and Zeus are toolkits that make Trojan software. These toolkits are specifically crafted that provide cyber-criminals a simple means to build botnets of their own that would steal passwords.

Nevertheless, commenting on the new happenings, security expert Brian Krebs who was formerly a Washington Post reporter blogged that the author of SpyEye is introducing an update, which according to him, is capable of inserting content into the Internet Explorer and Firefox browsers in the same way as Zeus does. Precisely, because of such inserting capability, Zeus-using thieves are able to beat bank's security authentication systems, which customers are required to fulfill while banking online, as reported by ESecurityPlanet.com on April 2, 2010.

According to Krebs, the new SpyEye has arrived as the author of Zeus is pushing his own newer versions, accompanied with an expensive cost price. The old Zeus toolkit was launched at price of around $4,000 whereas, the newer update's base price is $8,000 or so, i.e. nearly double the amount.

However, the SpyEye creator is considering continuing his public relations scheme for downplaying Zeus. While doing this, the emphasis is on the comparatively cheap cost of SpyEye, which is only $500.

Notably, SecureWorks, the Atlanta-based security firm comments that the new Zeus updates contains anti-piracy mechanism. This mechanism relies on a licensing system that's hardware-based, i.e. the 'system' can be only executed on one system.

When run, the particular PC produces a code after which the author provides the user a key that is specific to that PC, writes SecureWorks, as reported by Krebsonsecurity.com on April 1, 2010. The company adds that such a magnitude of control for malware is observed for the first time.

Prominently, these malware items posed a stark problem during 2009. In October that year, the Federal Bureau of Investigation of United States estimated that they resulted in $100 Million in losses.

Finally, such turf wars are a very common stuff for cyber-criminals. Back in 2008, a piece of malware named Storm Worm started attacking computer servers that Srizbi, a rival controlled. Similarly, some years before that, Worm Netsky's creators programmed their code so as to eradicate rival malware MyDoom and Bagle.

Related article: Indian Financial Industry Facing Rising Online Fraud

» SPAMfighter News - 4/14/2010