Zeus botnet trojan horse is back
Saturday, April 24, 2010
The trojan can infect users of Mozilla Firefox and on , and steals login information by recording keystrokes when the machine connects to certain websites, usually banks or other financial institutions. The stolen data is transmitted to a remote server and sold to cyber-criminals. "We expect this new version of Zeus to significantly increase fraud losses, since nearly 30% of Internet users bank online with and the infection is growing faster than we have ever seen before," said Amit Klein, chief technology officer at Trusteer, to BBC.
The trojan has also affected Wikinews users, including Brian McNeil, who is the founder of Wikinewsie, a restricted-access wiki used to collaborate on sensitive news reports. McNeil reported on his userspace: "On Saturday [April] 17, a Windows-based PC in the house issued a cry for help, the Avira package running on the system had just detected a piece of malware; full scans indicated several known pieces of malware and numerous hidden files. Additional scans revealed that all but one of the USB memory sticks and portable hard drives in the house were infected with something. The Zeus botnet, as it turned out." E-mail accounts for accredited reporters have also been affected.
- Janet Harris. "Trusteer detects new Zeus (Zbot) password stealing Trojan" — , April 22, 2010
- "The ZeuS, ZBOT and Kneber Connection" — , 2010
- "Zeus banking virus is back warns security firm" — , April 21, 2010
- "Web hit by hi-tech crime wave" — , April 20, 2010
- "Infected XP owners left unpatched" — , April 16, 2010
- "ZeuS: 'A Virus Known as Botnet'" — , February 19, 2010