Zeus botnet malware is getting better for hackers
Category : General 18 Mar 2010 04:49 AM | Industry News
The latest version of ZeuS botnet toolkit includes a $10,000 module that can let attackers take complete control of a compromised PC.
A major new case of computer hacking has been uncovered. Botnet malware infected computers and used them to steal data from commercial and government systems. Among other things, the hackers have gained access to e-mail systems and online banking.
a ZeuS botnet of roughly 100,000 infected systems whose overlords (or enemies) exercised the “kill operating system” feature built into the botnet code, instructing all of the infected computers to render themselves unbootable and for all purposes unusable by either the bad guys or the rightful owners of the machines.
Zeus v.1.3.4.x has integrated a powerful remote-control function into the botnet so that the attacker can now "take complete control of the person's PC," says Don Jackson, director of threat intelligence at SecureWorks, which released an in-depth report on Zeus this week. The Zeus code is constantly being changed by its author and owner, who is believed to be one individual in Eastern Europe.
NetWitness discovered more than 75 gigabytes of stolen data during routine analytic tasks as part of an evaluation of a client network on January 26. The cache of stolen data included 68,000 corporate login credentials, access to e-mail systems, online banking sites, Facebook, Yahoo, Hotmail, 2,000 SSL (Secure Sockets Layer) certificate files and data on individuals, the company said in a statement and in a whitepaper available for download from its Web site.
In addition to stealing specific data, Zeus can be used to search for and steal any file on the computer, download and execute programs and allow someone to remotely control the computer.
More than half of the compromised machines were also infected with peer-to-peer bot malware called Waledac, the company said. Nearly 200 countries were affected, with most of the infections found in Egypt, Mexico, Saudi Arabia, Turkey and the United States.
The upcoming version of ZeuS, v.1.4, is still in beta but promises yet more deadly features. Its "Web Injects for Firefox" capability, for instance, would let the attacker present a screen on the fly in the Firefox browser in order to elicit more sensitive information during the banking transaction by pretending the bank needs the information. The ZeuS Trojan is also getting polymorphic encryption to re-encrypt itself to appear unique each time, thus making it even more difficult for anti-virus software to detect it.