Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

Zeus source code: from $100K to free in a matter of months

According to Peter Kruse, a security researcher with CSIS, the code appears to have leaked to at least two dark market forums.

As reported previously by Infosecurity, Zeus' source code was originally offered for $100,000 back in February, a price tag that reportedly fell to $5,000 within a few weeks, culminating last month with elements of the source code being file-shared on BitTorrent.

Now it appears the entire code is now available for free online, as Kruse says he spotted the source being released to the masses on several underground forums last weekend.

"We already collected several addresses from where it is being distributed in a compressed zip archive. We even compiled it in our lab and it works like a charm", he said in his latest security blog.

"Zeus/Zbot is already considered as being amongst the most pervasive banking Trojan in the global threat landscape. It is an advanced crime kit and very configurable", he added.

The CSIS researcher went on to say that, with the release and leakage of the source code the malware could easily become even more widespread and an even bigger threat than it already is today.

Lucian Constantin, Softpedia's editor, notes that Zeus' creator, Slavik decided last year to leave the public malware writing scene and surprisingly handed over the toolkit's source code to Gribodemon, the author of SpyEye, a rival banking trojan.

"Gribodemon's intention was to port the most successful ZeuS features to SpyEye in order to create one super trojan, a plan that has been put into action to some extent", he says in his report on this latest twist in the long-running Zeus saga.

"Hopefully, the availability of the code will also help antivirus vendors to create better signatures that are able to detect most variations of the trojan", he adds.

What’s Hot on Infosecurity Magazine?