Share

Related Links

Top 5 Stories

News

Zeus source code: from $100K to free in a matter of months

12 May 2011

Reports are coming in that the source code for Zeus, a long-running trojan that has been modified many times since the summer of 2007, is now available on several underground forums.

According to Peter Kruse, a security researcher with CSIS, the code appears to have leaked to at least two dark market forums.

As reported previously by Infosecurity, Zeus' source code was originally offered for $100,000 back in February, a price tag that reportedly fell to $5,000 within a few weeks, culminating last month with elements of the source code being file-shared on BitTorrent.

Now it appears the entire code is now available for free online, as Kruse says he spotted the source being released to the masses on several underground forums last weekend.

"We already collected several addresses from where it is being distributed in a compressed zip archive. We even compiled it in our lab and it works like a charm", he said in his latest security blog.

"Zeus/Zbot is already considered as being amongst the most pervasive banking Trojan in the global threat landscape. It is an advanced crime kit and very configurable", he added.

The CSIS researcher went on to say that, with the release and leakage of the source code the malware could easily become even more widespread and an even bigger threat than it already is today.

Lucian Constantin, Softpedia's editor, notes that Zeus' creator, Slavik decided last year to leave the public malware writing scene and surprisingly handed over the toolkit's source code to Gribodemon, the author of SpyEye, a rival banking trojan.

"Gribodemon's intention was to port the most successful ZeuS features to SpyEye in order to create one super trojan, a plan that has been put into action to some extent", he says in his report on this latest twist in the long-running Zeus saga.

"Hopefully, the availability of the code will also help antivirus vendors to create better signatures that are able to detect most variations of the trojan", he adds.

This article is featured in:
Malware and Hardware Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×