Mixed News on Zeus

By Sue Poremba | Oct 14, 2010 | Print this Page
http://www.enterprisenetworkingplanet.com/netsecur/mixed-news-zeus

It seems like hardly a day goes by without some news about the Zeus Trojan. Mostly the news is pretty bad, but every so often there is a glimmer of hope. Like the news stories I've seen over the past couple of days.

In negative Zeus news, F-Secure found a new variant of Zeus that is targeting mobile banking. According to an F-Secure blog post:

There's an interesting Windows+mobile case today involving a ZeuS variant that steals mTANs, using a Symbian (.sis) or Blackberry (.jad) component.

An mTAN is a mobile transaction authentication number, sent via SMS, and is used by some banks as a form of single use one-time password to authorize an online financial transaction. The SMS message may also include transaction data that allows you to ensure that nothing has been modified (via a Man-in-the-Browser attack).

In positive Zeus news, writer Spencer Dalziel reported that criminals are beginning to move away from Zeus. (Unfortunately, they are just moving to another botnet, Bugat.)

More positive news is Microsoft has (finally) developed a removal tool for the Zeus Trojan, although InfoWorld chastises Microsoft for taking two years to do so.

I feel like I write about Zeus a lot, but that's because Zeus is a major player in the way we have to approach risk management and security solutions. Trust me, I can't wait for the day when I can write, "Zeus finally appears to be dormant." Until then, I'll stay updated on the latest Zeus brings us.