MSRT Tool Fails In Spotting Zeus’ Latest Version
Security investigators from Trusteer a security company claim that albeit Microsoft has enhanced its MSRT (Malicious Software Removal Tool) with new defense abilities towards assisting organizations combat the notorious data-stealing Trojan namely Zeus, the tool has, however, failed in detecting the malware's most recent edition.
Notably, Zeus steals banking details via recording the keystrokes of the user and it's disseminated chiefly via phishing scams and drive-by downloads. After getting detected during July 2007 first, the Trojan reportedly has been contaminating PCs since then.
Highlights the security company that to see how effective the tool was in detecting and eliminating Zeus, it tested MSRT on innumerable Zeus files. Subsequently, it discovered that MSRT spotted Zeus 2.0 in 46% of the cases; however, failed to spot the latest 2.1 edition of the Trojan.
Elaborates Symantec, Zeus has immense benefit over MSRT so far as carrying out fraud is concerned. Because MSRT doesn't work in real-time as also merely disinfects a computer whilst it's on, hackers take advantage of the time between a Zeus contamination and MSRT's subsequent scrutiny for stealing cash out of the bank account of a victim.
Remarking about these fascinating discoveries of Zeus, Chief Executive Officer Mickey Boodaei of Trusteer stated that financial fraud mostly happened in days or hours following a PC's infection through Zeus, as the stolen information got instantly sent over to cyber-criminals. SCMagazineUS.com published this on November 3, 2010.
Boodaei added that the criminals had a "window of opportunity" during the interval of a PC's contamination through Zeus and MSRT's subsequent computer scan for siphoning off cash out of the bank account of a victim. According to the CEO, the scammers were extremely fast to act: they infected a user, analyzed his PC and when the user visited his bank account anytime after that, the fraud was already done.
Eventually, as per Trusteer, there's a gap between the mitigation efforts of the industry for computer security and the activities of Zeus writers. It says, Microsoft's weapon to combat the Zeus is wrongly chosen. Rather it should adopt real-time, signature-independent way outs as also improve operating systems still further.
Related article: Majority of Internet-linked PCs Unsafe, Says Secunia
» SPAMfighter News - 12-11-2010