ZeuS’s Thunder Partly Contained

Posted by Neil Schwartzman 

by Neil Schwartzman
Director of Security Strategy

Colossal seated Zeus from Gaza, Roman period. ...

To the ancient Greeks, Zeus was the sky and the thunder, and ruled over all the other gods. More recently, a botnet named ZeuS may have made him the god of phishing and identity theft as well.

The ZeuS botnet made the news multiple times last week, with large-scale arrests announced in London and New York.

ZeuS services are available for purchase in criminal online forums, and those arrested are said to comprise only one of many groups using the ZeuS botnet. This group having stolen between six and 20 million dollars, it is clear that ZeuS is having an incredible impact on the financial safety of banking institutions and account holders. It is worth noting that many of the accounts breached were those of small businesses, charitable organizations, and a couple of municipalities; obviously there is more money to be had in these, than in the accounts of individuals.

Return Path congratulates the officers of New Scotland Yard and the F.B.I. on this great piece of detective work.

Ironically, ZeuS was also in the news as the botnet undertook a fresh self-propagation effort early last week, sending out millions of fraudulent emails — many spoofing Return Path client LinkedIn. Henry Stern at Cisco is one of the researchers actively tracking this attack, and he determined that for a short period of time the ‘email campaign’ accounted for 25% of all mail worldwide, as seen by Cisco and Ironport. Other research has indicated that there are approximately 180 ZeuS command & control servers currently in place world-wide, making it difficult for researchers and law enforcement to track and disable the bot network.

Arrests aside, it sounds like ZeuS will be around for a while.

(image via wikipedia)

Author Image

About Neil Schwartzman

Author Archive