One in Five Compromised Machines Had a Zeus Variant

Soon after the Zbot detection was started (2nd week of October 2010) by Microsoft, the company reported that the threat was detected on one in five compromised systems.

Commenting on the issue, Jeff Williams, Principal Group Manager at the Microsoft malware Response Center stated that, of the 1,344,669 systems cleaned, this ratio of 1:5 was much higher than they normally witnessed even while accounting for the normal, first-month spike, which occurs from the addition of a new family but not remarkably this much," as reported by SCMagazineUS on October 18, 2010.

In another statement Williams further stated that to put this in better outlook the eliminations of Zbot are nearly as many as the eliminations of the #2 and #3 malware families this month combined (Win32/Vundo and Win32/Bubnix respectively), as reported by Softpedia on October 18, 2010.

As a matter of fact, Microsoft explains that it removed Zeus, 281,491 times from 274,873 systems thus, making it the most widespread family of malware eliminated from systems, as per a Sunday blog post, reported by SCMagazineUS on October 18, 2010.

Though the software giant is taking sufficient measures to remove the malware caused due to Zbot, Avivah Litan, security expert don't anticipate any good news in future.

Elaborating, Avivah Litan, a security expert at Gartner commented that, there were so many malware writers there, and they saw the chief Zeus author make around $15 million from Zeus license rights as part of commmisions, as reported by Govinfosecurity on October 18, 2010. According to her malware writers finds it an easy method make money and hence are coming up with new and advanced versions of malicious software.

Furthermore, according to the recently published half yearly report of the company, Microsoft informs that botnets such as Zbot are a strong source of support for both cybercrooks and cybercrimes.

The report highlights that botnets are an important asset for their owners called bot herders, who earn money by renting them to cybercrooks to exploit as a means to market for cybercrime attacks like, spam attacks, phishing attacks, click fraud, identity theft, and circulation of spam e-mails. Bot herders safeguard their botnets carefully and spend huge amounts of money, time, resources and efforts in them, as reported by Techworld on October 16, 2010.

Related article: One Out of Four Data Breaches Involves Schools

» SPAMfighter News - 10/23/2010