Zeus: The Most Widespread Spy Program in October 2010

Recently, Kaspersky released a report of October 2010. According to the report, although, the month witnessed fewer incidences of malware attacks, Zeus Trojan became one of the topmost widespread spy programs during October 2010. This widespread popularity was mainly because of the easiness with which, Zeus Trojan can compromise online information.

Commenting on the issue, Vyacheslav Zakorzhevsky, Senior Virus Analyst at Kaspersky Lab and author of the report stated that, this piece of malware showed the creativity and eagerness of the Zeus developers to circulate their virus across the globe, as reported by the MODERN GHANA on 04 Nov 2010.

According to the report, during October 2010, a virus identified as Virus.Win32.Murofet generated domain names that were used later to circulate Zeus botnet. This virus creates links by means of a special kind of an algorithm based on the present time and date of the compromised machine.

On the basis of these data or information, it creates two binary words, as per their base md5, adds one of the likely domain zones -.Com, .Biz, .Org, .Info, .Net. It further adds at the bottom of the line "/ forum" and utilizes the consequential link. As per experts, this virus is linked with a Trojan horse Zeus and doesn't infect another executable files.

Further, during October 2010, the fame of forged archive files - Hoax.Win32.ArchSMS boosted. The operating technique of this malicious software is as follows: First, the user is encouraged to send a message to the premium number to recover the information of the archive. But after sending the message on the number to the torrent tracker the money sent for the message will be lost, highlights Kaspersky Labs.

Meanwhile, Trojan.JS.FakeUpdate.bp, which is a script from the FakeUpdate family and generally pops up on porn websites, is on the list of leading malware producers during October 2010. When a user opens the video clip, a pop-up window appears stating that a new media player is required to be installed to view the video clip. The new media player actually contains a Trojan that changes the 'hosts' files or documents.

Kaspersky Lab's security experts again cautioned users to be more alert while browsing through the Internet and avoid visiting suspicious websites.

Related article: Zeus Trojan Stole Huge Amount of Information

» SPAMfighter News - 11/16/2010