'User-friendly' Zeus Trojan threatening world banks
RSA has highlighted an 'all-in one' Zeus Trojan package - making botnet attacks possible for the most 'unsophisticated' of users.
The report said Zeus (also known as wsnpoem) was extremely easy to use and operate, with Trojan infection kits available to rent or purchase, which it called a 'ready-made Zeus attack infrastructure.'
It said all that was needed was a compromised or fraudster's back-end server. Once the server was in place, they simply needed to install the Zeus administration panel, create a user name and password, and start launching the attacks.
"The administration panel can be easily controlled by unsophisticated users," stated the report.
RSA said that criminals were also offered access to an 'all-in-one' solution, a ready made hosting server with a built-in Zeus Trojan administration panel and infection tools.
The report said: "The service includes all of the required stages in a single package meaning that all the fraudster now has to do is pay for the service, access the newly-hired Zeus Trojan server, create infection points and start collecting data."
The servers were also offered with 'exploit packages' that facilitated Zeus infections. RSA said that this allowed fraudsters to infect users and grow a botnet of compromised machines.
It said: "An entire Zeus attack comes alive, using a single service package that fraudsters can buy in the underground."
The report also said that 11 per cent of total global banking brands being phished were from the UK. This was second only to the US for the fifteenth consecutive month.
Accelerating AI modernisation with data infrastructure
Generate business value from your AI initiativesFree Download
Recommendations for managing AI risks
Integrate your external AI tool findings into your broader security programsFree Download
Modernise your legacy databases in the cloud
An introduction to cloud databasesFree Download
Powering through to innovation
IT agility drive digital transformationFree Download