Ice IX, Foremost Botnet Built With Publicly-Exposed Zeus Source Code
According to security researchers at Kaspersky Labs, a new crimeware suite named Ice IX has been built using the source code of the ZeuS information stealer, which was exposed this year (2011). Softpedia reported this on August 24, 2011.
Described as the foremost web application of the current generation, the Ice IX botnet controls centralized networks of bots over HTTP and is tied to the exposed ZeuS code. The botnet can be bought on the underground economy and is capable of producing custom Trojans, which add infected PCs to botnets.
Security expert Jorge Mieres of Kaspersky stated that, following rumors about the false merger of ZeuS and SpyEye, along with the leak of ZeuS' source code, it was natural that numerous additional opportunities would become available for new cybercriminals to launch operations within the crimeware ecosystem. Inaudit published this on August 24, 2011.
Significantly, ZeuS was first discovered in July 2007, when hackers attempted to steal data from the U.S. Department of Transportation. Since then the malware has been the most widely used banking Trojan among cybercriminals, with an infection count of 4:1 for ZeuS versus SpyEye, its nearest rival.
Moreover, SpyEye creator Hardeman had for a while owned the ZeuS code base when he decided to merge ZeuS and SpyEye, but ZeuS' source code was in fact publicly exposed and became freely available.
According to Mieres, crimeware based on this pattern was created to steal banking data. It was therefore wholly understandable that attention had to be focused on these dangers, and it should also be considered that the current edition of ZeuS had been circulating online since the beginning of 2011, he added.
Mieres also said that the current version of Ice IX is 1.0.5, and that it is being illicitly sold for an extremely economical $1,800.
Nevertheless, when Kaspersky analyzed certain variants, it found that they steal Amazon AWS credentials too. The theft is possibly due to a rise in the total volume of malicious software hosted on AWS.
Mieres contends that a growing amount of new crimeware will clearly be created using the ZeuS code from now on.
» SPAMfighter News - 03-09-2011