Another ZeuS-Based Malware Uncovered
A researcher at Trend Micro predicts that, since the ZeuS source code has been leaked, cyber-criminals will likely create their own ZeuS-based, HTTP-controlled malicious bots. In connection with this, the security firm has discovered a fresh ZeuS-related variant.
Researchers at Trend Micro stated that this variant appears better built than the recently uncovered crimeware Ice IX, which did not deliver what it promised.
Moreover, Trend Micro researcher Jasper Manuel says that the firm recently received one more revised variant, which it identified as TSPY_ZBOT.IMQU and which can be described as one of the current generation of ZBot (another name for ZeuS) variants. Its code suggests that this variant was probably created with the ZeuS malware kit 18.104.22.168, Manuel continues. InfoSecurity published this on September 5, 2011.
Manuel further says that the 22.214.171.124 edition is believed to be a modified private edition of ZeuS, crafted by a private professional crime group similar to LICAT. Although nobody has so far sold this fresh edition of the malware kit, additional variants of the same kind are expected to emerge in the near future, he adds.
Possibly, this edition will manage something that Ice IX could not: a revised encryption or decryption algorithm, which is expected to stop malware analysts from examining the related configuration file.
Finally, Manuel says that the newest ZeuS samples unambiguously show that the Trojan continues to be an extremely lucrative piece of malware, and that cyber-criminals show no sign of stopping their spending of resources on the publicly disclosed ZeuS code.
Notably, this malware attacks various financial institutions in the USA, Brazil, Ireland, Spain, France, Belgium, Germany, Italy and other countries. More strikingly, the program attacks HSBC Hong Kong, which indicates that the fresh ZeuS variant will likely be used in an international scam, possibly covering Asian countries.
It is also significant that ZeuS keeps hitting the headlines. During August 2011, the source code of ZeuS competitor SpyEye was disclosed publicly, after which researchers uncovered malware samples with combined code having the features of both ZeuS and SpyEye.
Security specialists advised that users must keep their anti-virus solution up to date to avoid the malicious program in question.
» SPAMfighter News - 14-09-2011