Zeus Malware Expands its Conquest

Zeus: malicious and powerful (via Wikimedia Commons)

Keystroke loggers transferring your password to hackers, CryptoLocker holding your files for ransom. This is not the work of crime novels; it is the work of Zeus crimeware, which infects millions of computers worldwide. Many people with Zeus-riddled computers do not even know their computer is infected.

A recent threat report from Prolexic, a branch of cloud provider Akamai Technologies, reveals that Zeus malware has expanded beyond its notorious function of stealing banking information. It is now being customized to perpetrate a variety of cybercrimes, among them attacks against the cloud-based web services of Fortune 500 companies. Combined with other malware toolkits, Zeus can be used for distributed denial-of-service attacks (DDoS), which means obstructing the use of internet services for a period of time.

This new threat follows right on the heels of the FBI and Department of Justice disruption of the GameOver Zeus botnet. A botnet is a network of infected computers used to pass malware along to other machines. GameOver Zeus was used to steal financial information as well as install CryptoLocker software, which encrypts files on the infected machine and demands a ransom to decrypt the files. The GameOver Zeus botnet encompassed hundreds of thousands of computers (most recently around 250,000, according to Symantec) and was used to steal millions of dollars. Experts caution that the disruption does not mean complete obliteration: it’s still possible for GameOver Zeus to resurface.

In response to the GameOver Zeus takedown, Finnish security firm F-Secure has developed a single-click test to assess whether your computer is infected. You can feel secure about the test itself because it doesn’t require your computer to download anything, but rather takes advantage of the way Zeus works: by injecting malware into webpages the infected computer visits. The F-Secure site forces Zeus (if it’s there) to inject malware, then scans for the presence of the malware script. The test won’t catch every infection, but it’s a quick and effortless check that can’t hurt.

Of course, a quick online scan does not compare to a comprehensive, professional security assessment. Our vulnerability assessments provide you with a thorough breakdown of vulnerabilities in your systems and our recommendations for remediation. We also conduct penetration tests to identify fundamental weaknesses in your systems. Let us find your vulnerabilities before hackers do. To test your network security, give LMG Security a call.