From security firm Trusteer comes news of revision 1.6 of the Zeus virus and its ability to infect computers using the Internet Exploder or Firefox browsers. (Opera and Chrome users, rejoice!) Of the 5.5 million computers Trusteer has a part in protecting, 1 in every 3000 has become infected. The BBC site reports that Trusteer operates not only in the U.K. but also in the U.S.A.

The site continues with the method of operation of this bit of nastiness –

The malware steals login information by recording keystrokes when the infected user is on a list of target websites.

These websites are usually banks and other financial institutions.

The user’s data is then sent to a remote server to be used and sold on by cyber-criminals.

“We expect this new version of Zeus to significantly increase fraud losses, since nearly 30% of internet users bank online with Firefox and the infection is growing faster than we have ever seen before,” said Amit Klein, chief technology officer at Trusteer.

DIY virus

In March 2010, many parts of the command and control (C&C) system for the Zeus botnet were destroyed when the Kazakhstani ISP that was being used to administer it was cut off.

However, it does not take long for malware controllers to spring up elsewhere, and toolkits for assembling botnets are readily available on the black market.

“There are plenty of opportunities for people to purchase access to these systems through underground chat rooms,” said Dr JD Marsters, from the department of electronics and computer science at the University of Southampton.

“It’s a game of cat and mouse between anti-virus vendors and botnet developers.”

Computer users should ensure that their anti-virus software and operating systems are kept up to date, he advised.

It does seem odd that something like this is growing so quickly in this age of users who have become so vigilant about online transactions. Given the method this infection uses, a better-than-stock firewall (meaning not the Windows version) would be a great idea. To have outgoing information monitored if the computer becomes infected, a firewall such as Comodo Firewall or Online Armor would be an excellent choice. Both inspect incoming and outgoing packets, both provide HIPS+ protection, and both will do much more than the standard Windows firewall to keep the user safe.

Both of these solutions are free, and though I have used both, I find Comodo much more easily maintained. It can be bothersome during the first few hours of operation, as it learns your ways, and the sites you visit. After those first learning experiences, things are basically transparent.

Perhaps Zeus is this year’s wakeup call for users to become more careful, and as long as attention is paid now, before the problem occurs, it may be beneficial to the great many, at the expense of a few who weren’t prepared.


I generally avoid temptation unless I can’t resist it. – Mae West
