Timeline: Three years of Zeus terror

It was in 2007 the Zeus Trojan was first spotted and it has been causing carnage ever since. We take a look back at the Trojan's rise.

Zeus

Zeus, aptly named after the King of the Gods in Greek mythology, is one of the most prevalent forms of malware found on the web.

This year in particular has seen various Trojan machinations causing chaos for companies across the globe, namely financial institutions.

So where did it all start and who has been hit by Zeus during its three-year reign of pain?

July 2007: The Zeus Trojan is widely believed to have been first spotted in July 2007, in an attack on the US Department of Transportation.

May 2008: Zeus abuse really ramped up in 2008. RSA Security found it was actually becoming easier for hackers to get hold of the malware, after Trojan infection kits had been made available to rent or purchase.

May 2009: A Zeus botnet managed to take out operating systems on 100,000 computers, in what was being called a "nuclear" attack. Swiss IT expert Roman Hussy reported on a Zeus command and control server sending out Kill Operating System commands designed to prevent an OS from loading.

November 2009: Finally some success was seen in taking down the hackers. The Metropolitan Police's Central e-Crime Unit made the first arrests in Europe around the use of Zeus, taking down a man and woman both 20 years old at the time.

April 2010: An RSA Security study showed that nine in ten Fortune 500 companies in the US had been potentially hit by Zeus-based attacks. By this point, Zeus was known to have compromised computers in 196 countries.

A Zeus 1.4 Trojan was identified in April as well, supporting two techniques one being HTML injection, the other something called transaction tampering. These allowed the malware to get round even tough authentication and transaction signing solutions.

It was also the first time Zeus had been seen exploiting the Firefox browser something it had been unable to do previously.

July 2010: At the start of the month two new Zeus botnets aimed at UK consumers were uncovered by Trusteer. They were only found on UK machines and were targeting UK-based banks solely. It was part of a worrying trend of Zeus-based attacks targeting the nation.

Trusteer was on the case later in July, revealing how a Zeus Trojan had been used in an attack, which produced replicas of the Verified by Visa and MasterCard SecureCode protection features in order to dupe US customers.

August 2010: August saw new versions of the infamous malware hitting the UK hard.

Firstly, Zeus was being used as part of the Mumba botnet, which had infected 55,000 computers and illicitly obtained more than 60GB of personal data.

Then Trusteer uncovered a Zeus v2 botnet, controlling more than 100,000 computers. Almost all of these systems were based in the UK and stolen data included online banking details and social network logins.

Later in the month hackers were revealed to be using Zeus v3 to steal 675,000 from a single UK bank. M86 Security discovered this version of Zeus was able to initiate transfers from within user accounts, handing funds directly to the cyber criminals.

Featured Resources

Four cyber security essentials that your board of directors wants to know

The insights to help you deliver what they need

Download now

Data: A resource much too valuable to leave unprotected

Protect your data to protect your company

Download now

Improving cyber security for remote working

13 recommendations for security from any location

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

Recommended

DeviceSHIELD combats rising cyber attacks and online fraud amid COVID-19
Security

DeviceSHIELD combats rising cyber attacks and online fraud amid COVID-19

24 Nov 2020
350,000 Spotify users hacked in credential stuffing attack
Security

350,000 Spotify users hacked in credential stuffing attack

24 Nov 2020
WAPDropper malware hooks you up to premium telecoms services
Security

WAPDropper malware hooks you up to premium telecoms services

24 Nov 2020
VMware sounds alarm over zero-day flaws in multiple products
Security

VMware sounds alarm over zero-day flaws in multiple products

24 Nov 2020

Most Popular

macOS Big Sur is bricking some older MacBooks
operating systems

macOS Big Sur is bricking some older MacBooks

16 Nov 2020
46 million Animal Jam accounts leaked after comms software breach
Security

46 million Animal Jam accounts leaked after comms software breach

13 Nov 2020
How computing has revolutionised Formula 1
Sponsored

How computing has revolutionised Formula 1

11 Nov 2020