-2

I am confused by this page http://www.wiki-security.com/wiki/Parasite/ZeusTrojan/

I was searching info on google as I read warning article about the fact it was very sophisticated bot that steals banking info so is this page on among first rank on google totally misleading people ?

user310291
  • 1,413
  • 2
  • 12
  • 13
  • 1
    This page is not on the first page for me. Google heavily weights search results on user information, but it is also possible that the malicious software manipulates search results. – Hendrik Brummermann May 28 '12 at 07:24
  • 1
    @HendrikBrummermann I've certainly come across malware that includes BHOs and other browser plugins that modify/block Google results to mislead the user, stop AV software downloads, and prevent them from getting advice about malware on forums. If I remember correctly, Zlob was often bundled with such features. – Polynomial May 28 '12 at 09:10
  • 2
    If you are infected with the Zeus Trojan your banking information will be collected. The information in that "article" is 100% false. I would argue NOTHING in the article is true. I would not true anything on that website based on the quality of this article. I assume everything on the website is false. – Ramhound May 30 '12 at 16:37
  • The former source code of Zeus was handed over to the Gribodemon has then made ​​to the development and the new project called Spy Eye. There is another Zeus clone called Carperb. By this bot also the Soruce code was leaked a few days ago. These bots are certainly not harmless. Just banking Trojans can cause a huge financial loss. – Hidden Jul 03 '13 at 12:10
  • 1
    The article in the link now states that Zeus is in fact dangerous. – schroeder Jul 03 '13 at 15:40

2 Answers2

15

Zeus Trojan steals $1 million from U.K. bank accounts. Harmless? But wait, there's more. This was just a single instance.

The Zeus trojan captures your keystrokes and implements 'form grabbing' (taking the contents of a form before submission and uploading them to the attacker) in an effort to steal sensitive information (passwords, credit cards, social securities, etc.). It has capabilities to infect Windows and several mobile platforms, though a recent variant based on Zeus's leaked source, the Blackhole exploit kit, can infect Macs as well.

Zeus is predominantly a financial-interest malware, however if infected, your machine will be recruited into one of the largest botnets ever. The master could then use your computer (along with any other infected machines of that bot) to be used to do any number of nefarious tasks for him (launching DDOS attacks, sending spam, relays, etc.).

Recent versions of Zeus include crimeware capabilities, P2P spreading (allowing for rapid infections) and secure communications that encrypt data while phoning home for commands and back to the client (SSL). Crimeware allows the attacker to steal, encrypt or otherwise prevent you from viewing or using your important documents and applications until you pay the master.

As if that weren't enough, the Zeus trojan (which previously was sold for a pretty penny on underground forums) source is now available (via a leak), which has introduced almost two thousand variants. The most common of which are GameOver, ABUSE and the Blackhole Exploit Kit.

Harmless, not so much. However, if you're truly interested in understanding Zeus (which is a fascinating and intricate piece of malware) I encourage you to reverse engineering it and analyze it for yourself (in a safe environment of course).

https://en.wikipedia.org/wiki/Zeus_(Trojan_horse)

http://searchsecurity.techtarget.com/definition/Zeus-Trojan-Zbot

Simon
  • 3,182
  • 4
  • 26
  • 38
Fairlight
  • 705
  • 3
  • 5
  • Here's an analysis of Zeus (and SpyEye): http://www.ioactive.com/pdfs/ZeusSpyEyeBankingTrojanAnalysis.pdf –  Jul 03 '13 at 18:11
6

It's not a very convincing page. Even the links it provides off to the removal tools (such as this one) state that "Zeus is one of the most dangerous Trojan parasites in existence".

I also had trouble getting that page to show up in the top ten results. A search for "zeus trojan wiki" did it, but even then it's below the Wikipedia entry and several others.

It's good practice to avoid trusting a single source for any information but rather to find multiple sources and combine the results. For that reason I would say this page is training people to not blindly trust rather than "misleading people".

Ladadadada
  • 5,163
  • 1
  • 24
  • 41