Tech Time Warp: Zeus, Ruler of Malware?


The Zeus malware, like its Greek god namesake, is a powerful and virile Trojan malware. Since it first surfaced in July 2007 in an attack on the U.S. Department of Transportation, Zeus, aka Zbot, and its variants have wreaked havoc on the financial services industry.

If you’ve ever been tricked by a legitimate-looking email asking you to download a payment confirmation, e-fax or delivery notification, you may have been zapped by Zeus. Instead of attachments, these emails link to ZIP files that hold the malware as an executable file. Zeus’ other form of transmission is the “drive-by download,” when an unsuspecting user happens upon a website compromised with malicious code.
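A defensive triage check for the delivery method described above, as an added example that is not part of the original article: it lists ZIP members that are Windows executables, by extension or by the `MZ` header, so a renamed file is still caught. The extension list, function names and sample archive are constructed assumptions.

```python
import io
import os
import zipfile

# Extensions Windows runs on double-click (assumed, non-exhaustive list).
EXEC_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs"}


def flag_executables(zip_bytes):
    """Map each suspicious archive member name to the reason it was flagged."""
    findings = {}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            ext = os.path.splitext(info.filename)[1].lower()
            if info.flag_bits & 0x1:
                # Password-protected member: content cannot be inspected here.
                findings[info.filename] = "encrypted member, not inspected"
                continue
            with zf.open(info) as member:
                has_mz = member.read(2) == b"MZ"  # DOS/PE executable magic
            if has_mz and ext in EXEC_EXTS:
                findings[info.filename] = "executable extension with MZ header"
            elif has_mz:
                findings[info.filename] = f"MZ header behind {ext or 'no'} extension"
            elif ext in EXEC_EXTS:
                findings[info.filename] = "executable extension"
    return findings


def build_sample():
    """Constructed sample archive: two inert bytes plus padding, not real malware."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("payment_confirmation.pdf.exe", b"MZ" + b"\x00" * 62)
        zf.writestr("delivery_notice.pdf", b"MZ" + b"\x00" * 62)
        zf.writestr("efax.scr", b"placeholder")
        zf.writestr("readme.txt", b"harmless text")
    return buf.getvalue()


if __name__ == "__main__":
    for name, reason in flag_executables(build_sample()).items():
        print(f"{name}: {reason}")
```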

The nasty powers of Zeus malware

Zeus malware has two nasty powers: One, it creates a botnet, or a network of compromised computers remotely controlled by a command-and-control server. Two, it uses keylogging to steal financial usernames and passwords. Initially, Zeus only affected Windows machines, but in the 14 years since the malware’s debut, mobile versions have appeared that infect Symbian, BlackBerry, and Android devices.

Although Zeus itself has slowed down, new variants continue to emerge, including Terdot, which expands upon Zeus’ interest in banking information by stealing social media and webmail passwords. Variants have appeared ever since Zeus’ creator made the malware’s code open-source in 2011. And in 2020, hackers leveraged the COVID-19 pandemic by sending Zeus-carrying messages suggesting the recipient had been exposed to the coronavirus or warning them about a potential COVID-19 scam (oh, the irony).

And just who created Zeus? Well, the FBI is offering a reward of up to $3 million for information leading to the arrest and/or conviction of one Evgeniy Mikhailovich Bogachev, last known to reside in Anapa, Russia. He enjoys boating along the Black Sea, playing with cats and draining bank accounts.
