The Zeus Trojan

The Zeus trojan is malware that has been around since 2007, and it still manages to hide from anti-virus software. Zeus is a very elusive piece of software because it keeps a low profile. Once the victim visits a financial site, Zeus acts as a keylogger, attempting to record users' passwords and other valuable information. The open source architecture of Zeus allows the code to be ever changing; hackers can edit the code so that it is customized for certain tasks. This makes Zeus difficult for anti-virus software to identify.

Zeus targets victims on a large scale by using social-engineering-style e-mail attacks. The emails might prompt users to "verify" sensitive data by clicking a link and filling out a page. After the link is clicked, the code is installed behind the scenes. Zeus can be especially devastating if it infects a machine that is used to make lots of transactions, such as a business machine.

Larger businesses have decent protection from Zeus because of their higher budget investment in security, for example a security protocol that scans all incoming email attachments. In its current state, Zeus exists only on Windows machines, so one could avoid it by using a Linux- or Mac-based OS. Does anyone have any examples of Zeus compromising a valuable system or business?


2 thoughts on “The Zeus Trojan”

  1. I had a client that brought a machine in that was infected with Zeus. It was his personal machine and he did, in fact, use it for his banking. After I removed it, I advised him to carefully monitor his bank account just in case.

  2. Did you have any problems locating the Zeus code? I know that once it has been found it's fairly easy to remove, but finding the code can be the tricky part.

