Zeus Returns to Wreak Havoc
I haven't talked about the Zeus botnet lately. There was a period of time when I couldn't go a day without reading about Zeus or without getting an email with some news about the botnet.
Well, whatever the reason, Zeus -- or a variant of it -- has returned. In Fortinet's monthly threat landscape report, it was announced that a Zeus botnet variant was second in monthly malware activity due to its source code being cracked and leaked. According to Derek Manky, senior security strategist at Fortinet:
The surge in Zeus activity doesn't surprise us given the botnet's popularity and the fact that its source code was hacked and subsequently leaked to the public last May. We believe it's highly likely that we will continue to see Zeus and SpyEye -- another popular botnet whose source code was also recently cracked and leaked publicly -- to spread in waves in the coming months.
One of Ice IX's most remarkable innovations is the altered botnet control web module which allows cybercriminals to use legitimate hosting services instead of costly bulletproof servers maintained by the cybercriminal community.
This will likely mean an increase of attacks involving online financial transactions.
Zeus has always been troublesome, but it appears that the new variant of the botnet could be anti-virus software proof.
I was happy that I didn't have to write about Zeus for a long time, but it looks like the botnet has returned to my radar for some time to come.