M86 VP technical strategy claims Zeus source code release planned

As reported previously by Infosecurity, whilst the source to Zeus was reportedly on sale in February for $100,000, last month saw the source code released for free on at least two darkware hacker forums.

Anstis told Infosecurity that the release in May of this year was a deliberate strategy by the Zeus creator to increase the distribution and use of the malware.

The M86 Security VP says he believes that cyber criminals are copying the actions of corporates and seeding the market with free source code, so that their application becomes the de facto tool for robbing banks electronically.

"The Zeus creators could be trying to shake up the market by giving away the toolkit, so that they can make their money from subsequent 'WebInject' projects", he said.

Their aim, he notes, could be to create a distribution channel so that they make more revenue through creating additional modules for the crimeware than they did from selling the application itself.

"If this is the case, then this is the first example of a 'crimeware freemium model' that we have seen", he added.

According to Anstis, this freemium approach to Zeus is something of a numbers game that mirrors what is happening in the commercial IT security marketplace, which he notes is undergoing a period of great change.

On the criminal side of the fence, he says, we are now seeing the entry-level cost of cybercrime falling significantly. As a result, he told Infosecurity, more people are taking up cybercrime as a business.

"All you need to do is to sign up for a cloud service and operate your malware empire from there, remotely. It's a much lower cost of doing business illegally", he explained, adding that the cloud also allows criminals to be a lot more pro-active.

So what is the solution to this freemium and low-cost cybercrime expansion, Infosecurity asked Anstis.

The solution, he says, is that IT security vendors and professionals need to discuss what is happening in our industry a lot more, and, wherever possible, work together. "We need to co-operate a lot more with each other", he explained.

Unless this happens, Anstis warns that IT users could be in for a rough time, with a rising tide of Java exploits - a trend he says he and his team noticed in the second half of 2010.

"Adobe and Microsoft are all seeing the numbers of exploits of their code rising. Likewise with Java. As a result, I think you're going to see a lot more financial malware on the horizon later on this year", he said.
