Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

Trusteer predicts further wave of ZeuS-driven financial malware

In addition, according to the in-browser web security specialist, its research shows that, after testing MSRT against hundreds of ZeuS files, ZeuS 2.0 is only detectable 46% the time.

This isn't as bad as it sounds, as Trusteer calls the detection rate "very respectable", since most anti-virus solutions, if not all, have a much lower detection rate.

However, this low detection rate also emphasises how hard it is to remove ZeuS, the firm adds.

The big problem with MSRT, however, says the company, is that it does not operate in real-time and only disinfects a machine when it is running, meaning that hackers have a golden window of opportunity between the time of an infection.

This window, the company claims, allows ZeuS-driven infections to siphon off money from the victim's bank account.

Trusteer says that, based on research conducted with more than 70 financial institutions over the past two years, that financial fraud usually occurs shortly after a computer is infected because sensitive information is immediately transmitted back to the criminals.

As a result, in the majority of cases, the ability of MSRT to prevent ZeuS-related fraud and data loss will be minimal because the damage has already been done by the time it performs its scan.

Mickey Boodaei, the firm's CEO, said that Microsoft's decision to join the fight against financial malware is an important step, as winning the war against criminals requires the participation and co-operation of more software vendors and increased involvement by law enforcement agencies.

"I hope Microsoft's efforts won't stop here since there is a lot more to be done. However. I believe that MSRT will actually serve to further shorten the time between a machine becoming infected and the time it is used to commit fraud", he said.

"I also expect this will reduce the effectiveness of antivirus solutions, since they typically cannot detect a new variant until a few days after it is released", he added.

Microsoft, he went on to say, is working hard and making important contributions towards improving online security with MSRT and Microsoft Security Essentials.

"However, in the battle against ZeuS, I believe Microsoft chose the wrong weapon. What's needed are real-time, signature-independent solutions and more operating system improvements, if we want to defeat ZeuS and others like it", he said.

What’s Hot on Infosecurity Magazine?