Zeus is financial malware. It infects consumer PCs, waits for their users to log on to one of a list of targeted banks and financial institutions, then steals the credentials and sends them to a remote server in real time. It may also inject HTML into the pages rendered by the browser, so that its own content is displayed together with (or instead of) the genuine pages from the bank’s web server. This lets it ask the user to divulge more personal information, such as payment card number and PIN, one-time passwords and TANs, etc.
The Zeus virus is understood to be the biggest culprit among the families of malware targeting financial websites and institutions. According to some studies, as much as 44% of all financial malware is based on Zeus.
Zeus – One of the Hardest Pieces of Financial Malware to Detect
Despite this alarming state of affairs, it is shocking to learn that most of the latest security software, even when updated to the latest version, is incapable of finding and removing Zeus infections. A recent study by Trusteer revealed that as many as 55% of the 10,000 computers tested, which were equipped with up-to-date security software and antivirus, were not able to detect and remove the traces of the Zeus virus.
The study shows that…
Of the computers on which the Zeus Trojan was detected, 55% had up-to-date antivirus, 14% had antivirus installed that was not up to date, and 31% had no antivirus installed.

From these results, it is estimated that installing an antivirus product and keeping it up to date reduces the probability of getting infected by Zeus by 23%, compared to running without any antivirus at all. The effectiveness of an up-to-date antivirus against Zeus is thus not 100%, not 90%, not even 50% – it’s just 23%.
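How a 23% figure can follow from the 55% and 31% shares above, as an added worked derivation that is not taken from the report. The population shares $p_u$ (machines with up-to-date antivirus) and $p_n$ (machines with no antivirus) are assumptions introduced here; the page does not state them.

$$
P(\text{infected} \mid u) = \frac{0.55 \cdot P(\text{infected})}{p_u},
\qquad
P(\text{infected} \mid n) = \frac{0.31 \cdot P(\text{infected})}{p_n}
$$

$$
\text{reduction} = 1 - \frac{P(\text{infected} \mid u)}{P(\text{infected} \mid n)}
= 1 - \frac{0.55}{0.31} \cdot \frac{p_n}{p_u}
$$

$$
\text{reduction} = 0.23
\;\Longrightarrow\;
\frac{p_u}{p_n} = \frac{0.55}{0.77 \times 0.31} \approx 2.30
$$

The 23% estimate therefore depends on the surveyed population containing roughly 2.3 machines with up-to-date antivirus for every machine with none. The shares among infected machines alone do not determine it.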
What is the Solution – How to Avoid Malware Like Zeus
These are disturbing figures.
But they reiterate our viewpoint that no software, however smart, intelligent and pricey, can buy you absolute PC security and privacy. The safety of your computer is in your own hands. You MUST exercise caution before you click on any link.
[Read the Entire Report (pdf)]
Update: Read our other posts about Zeus 2 and Zeus 3, the other variations of this deadly virus.


Great article Silki – very well done!
Thank you for the linkback.
Best,
Bill
Almost as surprising as the ability of most virus applications to detect the virus, is that there is also virtually no information available on how to remove it (some instructions, or a link to them, from this very article would have been nice).
http://www.malwarehelp.org/find-and-remove-zeus-zbot-banking-trojan-2009.html
This link has some interesting information on removing a few different variants of ZeuS.
This is not a particularly helpful article and in fact simply helps spread FUD. The main thrust seems to be “there’s a virus out there that will rob you blind but you have a less than 1 in two chance of detecting an infection so ‘be careful’ what web links you click.”
This is a bit like saying don’t wander around Harlem after dark, don’t produce films quoting from the Koran in Holland and don’t drive your auto with your eyes shut.
“it is shocking to know that most of the Latest Security Software, even if they are updated to the latest version, are incapable of finding and removing Zeus Malware infections. ” –
So what were the AV apps that did not detect - these would be the ones you do not want to use - please report real information that folks can actually use!!!!
@BT Mo: Please go through the link to gain more insight.
Must be some tough virus :-@
Nice reading..thnx for the info
The current strategy to deal with malware, is to attempt to prevent the infection occurring. It is now clear that there should be a refocus, and the data itself should be protected, so if it is obtained without permission, it is rendered useless courtesy of encryption. Zeus and other Trojans key-log information as opposed to ‘lifting’ it whilst in transit, thus anti-key logging software should be employed to conceal the data entered. To read our blog on the other Trojans to be aware of click here: http://bit.ly/cTsliE
I got this through Facebook.. NASTY!! Mind you, it all looks real for the Security, as in being secure and all but I’d lost a few friends because of it. It asked me to confirm myself on Facebook (not a problem, but I never click links!!), then sure enough I followed along as it asked me for my e-mail, then password from my server (I’m thinking now, why the heck did I give that out?!), but then it goes into bank information, in case I ever wanted to purchase credits on Facebook. I don’t even use my own banks online that I have available to me. It’ll ask for the first 6 digits of your credit card or debit card number. I typed in 000000. Then it all started over again, wanting me to confirm myself on Facebook. All you need to do on Facebook is quickly change your password, then go to your server ‘if’ you gave that password out like I did and change that as well for your e-mail. It only takes a couple of minutes. But if you don’t change, you will be infected and it will continue on. I have a virus protector that I pay for each month and it is updated each time I turn on my computer. Just BE SURE you change those passwords!! And DEFINITELY don’t give out bank info!