Explore the latest news and trends  

Keep yourself up to date with one of the following options:

  • Explore more news around Spam/Phishing, Malware/Cyber-attacks and Antivirus
  • Receive news and special offers from SPAMfighter directly in your inbox.
  • Get free tips and tricks from our blog and improve your security when surfing the net.
Go
-->

Fresh Zeus C&C Vulnerability Detected

Google security engineer Billy Rios has detected vulnerability within the C&C (command-and-control) Web program of Trojan Zeus that if exploited can let hackers to effortlessly compromise botnets amassed through the malware. Softpedia published this on September 27, 2010.

The most widely used toolkit for crimeware, Zeus is utilized for producing tailored samples of trojans that capture information, along with related command-and-control Web programs for operating contaminated PCs.

The vulnerability within the toolkit helps to easily take control of the C&C servers that issue commands and transmit the latest software onto hijacked PCs, which are usually innumerable in number. Following this there're numerous botnets amassed with Zeus of which huge numbers get exposed to the mechanism.

Solely 2 public pages get exposed with the C&C Web program. These include one that aids contaminated PCs to take instructions and transmit stolen data, and another that's the login page. The web-page that acts as a "gateway" is found differently, while the data exchanged via it is RC4 cipher encrypted.

States Rios, both the encryption code and the page's position are easily obtainable from a contaminated PC's memory alternatively through other means.

He explained that when the C&C hijacking code was run it became possible to write or read anything whatsoever to the central server. TheRegister published this on September 27, 2010.

Rios further explained that a backdoor could be dropped on the C&C to enable theft of data, destruction of the server alternatively taking control of it. Since the hacker gained admission into the C&C system, he also got to know the username and password of the bot controller's C&C. Further, he got to know the username and password of the cleartext data collection that backed the C&C, the specialist highlighted.

Hitherto, attackers used the attack code on the 1.3.2.1 version of Zeus that was introduced during January 2010. However, it's understood that the code will be effective on the toolkit's majority of earlier as well as later versions too. In this connection, security researchers forecasted that Zeus maker's inexperience in developing and releasing updates quickly would hinder their ability in plugging the security hole fast.

Related article: Fark.com Files Suit against Suspected Hacker from Fox13

ยป SPAMfighter News - 05-10-2010

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next