Spotlight On Malware: Zeus

It may not be as powerful as the ruler of Mt. Olympus, but even so, the Trojan horse known as Zeus sure made a big mess of things in 2009. This is why it will be the focus of today's blog post.

But first off, I must tell you that Zeus is a piece of malware. (Well, thank you Captain Obvious.)

Zeus is a Trojan horse which was first identified in July of 2007. It was found to steal banking information by using a keylogger. It is mainly spread by drive-by downloads and phishing attacks. It became more widespread in March of 2009 and by June of that year, it had compromised over 74,000 accounts on websites such as Bank of America, NASA, Monster.com, as well as others.

The various Zeus botnets are estimated to include millions of infected computers (3.6 million in the USA alone.) And as of October 28th of 2009, 1.5 million phishing messages were sent out on Facebook purpose of spreading the Zeus Trojan. From November 14-15, phishing emails were sent out claiming to be from Verizon Wireless. A total of nine million phishing emails just like this one were sent in that time frame.

By 2010, Zeus was still not done. In July of that year, credit cards of more then 15 US banks were compromised. In October of that year, the FBI announced that it had discovered a major international cyber crime which had used Zeus to hack into US computers. This allowed the cybercriminals to steal over $70 million. More then 90 arrests were made in the US with arrests also made in the UK and in Ukraine.

In late 2010, a number of internet security vendors such as McAfee claimed that the creator of Zeus had said that he was retiring and had given the source code and the rights to sell Zeus to his biggest competitor, the creator of the SpyEye Trojan. In May of 2011, the source code of the then current version of Zeus was leaked.