Latest Zeus Trojan Supersedes Antivirus, Undetectable
Just when security companies have developed new ways of dealing with the infamous Zeus Trojan, a variant characterized as the "Son of Zeus" has arisen. Worse yet, the variant has the trait of being virtually undetectable by conventional antivirus applications.
About the Zeus Trojan and MS Windows
The Zeus Trojan made headlines back in 2009 as a "highly customizable" tool for hackers. Its main mission is to sniff out financial information and break into online bank accounts. Security experts estimate that the Zeus Trojan has been used to infiltrate tens of thousands of PCs around the world. Owners of infected PCs are unaware their computers are even infected, with the majority (if not all) of infections targeting MS Windows PCs. (Source: computerworld.com)
Zeus a Persistent Threat, Continues to Morph
The Zeus Trojan continues to be a persistent threat and was responsible for stealing 3 Million US Dollars (as of October 1st, 2010) and a reported 6 Million British Sterling from UK bank accounts (Source: itnews.com.au).
The latest revision of the Trojan ("Son of Zeus") is codenamed "TSPY_ZBOT.BYZ," according to security experts. It is able to slip by conventional antivirus programs because it imports a large number of application programming interfaces (APIs), making it difficult to know (or even predict) where it will strike next. (Source: itpro.co.uk)
New Variant More Efficient Than Original
As is the case with most types of malware variants, the newer version is somewhat different (and much more efficient) than its predecessor. It is also different in its compression and can foil a detection system based on calculable entropy. In a nutshell, calculable entropy pertains to finding where in the viral code certain trigger routines might be hidden and gives TSPY_ZBOT.BYZ its "undetectable" status.
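Entropy-based detection in general measures how random a file's bytes look, because compressed or packed sections score close to the maximum of 8 bits per byte while ordinary text and code score lower. The sketch below is an added illustration, not code from this article or from any security vendor; the window size, the threshold and the sample buffer are constructed assumptions.

```python
import math
import random
from collections import Counter

def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte: 0.0 (one repeated value) to 8.0 (uniform)."""
    if not data:
        return 0.0
    total = len(data)
    return -sum((n / total) * math.log2(n / total) for n in Counter(data).values())

def high_entropy_regions(blob: bytes, window: int = 1024, threshold: float = 7.0):
    """Return [(offset, entropy)] for each full window scoring at or above threshold."""
    hits = []
    for off in range(0, len(blob) - window + 1, window):
        h = shannon_entropy(blob[off:off + window])
        if h >= threshold:
            hits.append((off, round(h, 2)))
    return hits

# Constructed sample: readable text around a block of seeded pseudo-random bytes
# that stands in for a compressed or packed section of a file.
TEXT = (b"This program cannot be run in DOS mode. Please log in to view your account. " * 30)[:2048]
_rng = random.Random(2010)
PACKED = bytes(_rng.getrandbits(8) for _ in range(2048))
SAMPLE = TEXT + PACKED + TEXT

if __name__ == "__main__":
    # Print the score of every window, then the windows a scanner would flag.
    for off in range(0, len(SAMPLE), 1024):
        print(f"offset {off:5d}: {shannon_entropy(SAMPLE[off:off + 1024]):.2f} bits/byte")
    print("flagged:", high_entropy_regions(SAMPLE))
```

A scanner built this way only reports where the dense regions are; an analyst or a second detection stage still has to decide whether a flagged region is a legitimate compressed resource or something that needs unpacking and inspection.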
With most forms of malware, security companies are able to isolate the virus in a virtual "sandbox" and track how the code was executed, what system changes it made and any network traffic it generated. Zeus (in all of its forms), however, refuses to "play in the sandbox". (Source: itnews.com.au)
Conventional Antivirus Not Sufficient
This spells disaster for most security companies whose primary focus is to keep their customers safe. As Trend Micro research engineer Julius Dizon expressed, "To properly guard against this threat, conventional antivirus is not sufficient. Only improved detection techniques and proactive blocking of the websites, working together, can protect users."
Last Tuesday, Microsoft's Malicious Software Removal Tool (MSRT) was able to detect the original Zeus Trojan and has since removed 281,491 infections as of yesterday. (Source: computerworld.com)