New Variant of Trojan Zeus Detected
According to the researchers at Trend Micro (a security company), there is a fresh variant of Trojan Zeus or ZBot in the wild.
Zeus is a highly prevalent and an actively made toolkit for crimeware. Zeus popularity is attributed to its extremely easy use by attackers, even those who have low technical skill, for developing custom trojans and related command-and-control (C&C) servers.
The security company notes that the detected Zeus variant was created with the help of an old version of the ZBot malware kit, implying that the most recent Zeus sample could steal information and not insert fake login fields. The malware certainly lacks the capabilities for advanced fraud unlike what modern malicious programs can do. Consequently, it may not facilitate attackers to carry out money transfers secretly and help them to stay hidden during Internet banking transactions, Trend Micro underscores.
It also highlights that the latest variant attacks different Russian banks. Accordingly, the Internet banking systems it has targeted are - mylk.ru, osmp.ru, bank24.ru, telebank.ru, e-port.ru, citibank.ru, rbkmoney.ru, mdmbank.ru, yandex.ru and webmoney.ru.
Commenting on this unfortunate event, Loucif Kharouni (Threats Analyst at Trend Micro) stated that unlike before, he had observed Zeus attacked Russian banks considering that Russian people didn't bank online as popularly as others. According to the analyst, while he could recollect some ZBot/Zeus variants attacking Yandex services, he certainly couldn't recollect any variant attacking MDM Bank or any other Internet banking system of Russia, as reported by Softpedia on July 6, 2010.
Besides Russia, the new ZBot sample captures login credentials of other countries' bank accountholders like the US, Ireland, the UK, Poland, Spain, Holland, Germany, France, Italy, Bulgaria, Turkey, Belarus, the UAE, Australia and New Zealand.
Finally, the latest event apparently raises doubt as to how secured is the Internet banking practice in Russia given that the country's online banking industry is still undergoing its development phase. In case additional ZBot/Zeus variants crop up and target this industry during the upcoming years, then Kharouni concludes it will mean massive profits for online crooks.
Related article: New Zealand Releases Code To Reduce Spam
» SPAMfighter News - 15-07-2010