Zeus Malware Making a Resurgence, Experts Warn

Dennis Faas's picture

The feared Zeus Trojan is expected to make a comeback in the next six months. According to security research firm Trend Micro, many cybercriminals are returning to this form of malware as a tool for compromising website security.

Zeus is by no means new. Its source code was originally spread across the World Wide Web more than two years ago, and since that time it has been customized by cybercriminals. Popular variants of Zeus included 'Citadel' and 'GameOver'.

Overall, Zeus (sometimes called Zbot) is one of the oldest forms of financial malware still being used by cybercriminals today.

Zeus a Popular Weapon for Attacks on Financial Institutions

No matter the variant, the general use for Zeus is defrauding financial institutions through their websites. In some cases, however, cybercriminals have used Zeus to steal personal information, including names, home addresses, phone numbers, and log-in data.

After an initial outbreak in 2011, the number of Zeus infections declined. However, Trend Micro researchers say they've detected a resurgence in Zeus-based attacks in recent months.

"The notorious info-stealing ZeuS/ZBOT variants are re-emerging with a vengeance, with increased activity and a different version of the malware seen this year," Trend Micro noted in a recent blog post. (Source: trendmicro.com)

For the most part, cybercriminals are turning to the newer Citadel and GameOver variants to launch their attacks. It's expected this activity will continue for the next few months.

Bitdefender Confirms Zeus Resurgence

Bogdan Bozteau, a senior analyst at security research firm Bitdefender, confirmed Trend Micro's findings.

"In mid-May we saw a surge in spam messages bundling Zeus, allegedly coming from a number of banks and presented like they were banking statements," Bozteau said. (Source: pcworld.com)

Bozteau added that his firm saw a spike in Zeus malware attacks towards the end of tax season in late April, as cybercrooks attempted to capitalize on the stress associated with filing tax returns by offering phony guides and other services.

To keep your system free from infection, security researchers suggest not opening email attachments unless their source is known and trusted.
