
Zeus

Researcher snaps a Zeus hacker's photo through his webcam

posted on August 8, 2014
by l33tdawg

Security researcher Raashid Bhatt has detailed how to bust the security protections of the Zeus banking trojan, allowing him to take a webcam photo of the scammer.

Bhatt (@raashidbhatt) wrote in a technical blog how he reverse-engineered the malware after a scammer attempted to foist it on him through a phishing scam claiming that "a person from your office was found dead outside" and directing him to open a malicious attachment to verify the victim's identity.

'Lite Zeus' has fewer tricks, but updated encryption

posted on July 1, 2014
by l33tdawg

Researchers have discovered a new Zeus variant that packs fewer malicious tricks, but uses not-to-be-overlooked encryption mechanisms to remain undetected.

Fortinet detailed the variant, dubbed “Lite Zeus,” in a Thursday blog post. According to Kan Chen, a junior AV analyst with Fortinet's FortiGuard Labs, the malware is distinct from other versions of Zeus, like Gameover, due to its network communication, command-and-control protocol and encryption techniques.

Zeus-family trojan spreads by way of spam botnet

posted on December 6, 2012
by l33tdawg

A new wave of spam campaigns is dispensing “Gameover,” the only banking trojan in the Zeus family to use peer-to-peer (P2P) communications to hide its activities.

The threat of the malware has become even more pervasive now that criminals are using Cutwail, the world's largest spam botnet, to deliver malicious emails containing Gameover. The spam is made to look like messages from top U.S. banks, researchers at Dell SecureWorks Counter Threat Unit (CTU) found, with the hopes of luring users into clicking attached PDF files.

Symantec finds Zeus-infected Anonymous DDoS tool

posted on March 7, 2012
by l33tdawg

Considering Anonymous’ disparate nature, with no central authority calling the shots, it’s a surprise its members have not turned on each other already. Antivirus firm Symantec reports that associates of the group are finding themselves victims of denial-of-service software that has been infected by a Trojan horse.