'Lite Zeus' has fewer tricks, but updated encryption
Researchers have discovered a new Zeus variant that packs fewer malicious tricks, but uses not-to-be-overlooked encryption mechanisms to remain undetected.
Fortinet detailed the variant, dubbed “Lite Zeus,” in a Thursday blog post. According to Kan Chen, a junior AV analyst with Fortinet's FortiGuard Labs, the malware is distinct from other versions of Zeus, like Gameover, due to its network communication, command-and-control protocol and encryption techniques.
Of note, Lite Zeus only uses Transmission Control Protocol (TCP) communication to send or retrieve information from its control hub, Chen wrote, and it is capable of performing a number of feats, including causing operating systems to shut down or reboot. Attackers can also update the botnet at will to carry out other malicious activities of their choosing, the blog post said.