Warning: the threat from Zeus malware continues after crackdown

U.S. and international law enforcement may have stymied the Gameover Zeus malware criminal enterprise with a series of arrests and seizures last week, but the threats of the highly malleable Zeus framework — sometimes called malware-as-a-service — continue, according to cyber security firm Prolexic.

In a statement, the Prolexic Security Engineering & Response Team said it has “observed new payloads from the Zeus crimeware kit in the wild.” Per the statement:

“Over the years, the Zeus framework has evolved from focusing on the harvesting of banking credentials to being used in the control of hosts (zombies) for many types of crime, including customized attacks to target specific platform-as-a-service (PaaS) and software-as-a-service (SaaS) infrastructures of Fortune 500 enterprises.”

Using the Zeus kit, attackers can scoop up usernames and passwords as they are entered into a web browser on an infected PC or tablet, according to the company, which was bought by Akamai late last year. Attackers can also insert new fields into what looks like a legitimate web form from a bank to trick the user into supplying additional data — including PIN numbers — that should not be divulged.

Data security and how it can be bolstered in the increasingly cloud-connected world will be a hot topic at Structure next week, where Gigaom Research analyst Ashar Baig will discuss Heartbleed and other security breaches and their ramifications with Dan Kaufman, director of the Information Innovation Office, Defense Advanced Research Projects Agency (DARPA), and Matthew Prince, co-founder and CEO of CloudFlare.

Security expert and blogger Brian Krebs said Gameover Zeus differs from traditional botnets, where infected devices are controlled by a central server, which makes them vulnerable to seizures and shutdowns of that server. Instead, Gameover Zeus — the subject of last week’s crackdown — is a peer-to-peer botnet that is trickier to eliminate because it is so decentralized. Check out Krebs’ interview with two (unnamed) security specialists who helped hijack the Gameover.