Magazine article American Banker

Copy That: New Malware Magnifies the Zeus Threat

Magazine article American Banker

Copy That: New Malware Magnifies the Zeus Threat

Article excerpt

Byline: Daniel Wolfe

A new malicious program increases the threat posed by the infamous Zeus program, which has taken over countless online banking accounts in recent years.

Zeus' methods have been incorporated into a new version of Ramnit, a program that can infect computers more easily than Zeus could.

"Zeus ... has no spreading capability," so if one computer out of thousands on a corporate network is infected, the other computers might be safe, says Amit Klein, chief technology officer of the security vendor Trusteer Ltd. of Boston.

Ramnit's specialty is copying itself to new machines, Klein says. When "infecting one internal machine with Ramnit alone, it is likely for Ramnit to propagate ... inside the network," he says.

That way, one machine infected with Ramnit could compromise thousands of computers on the same network.

Zeus operates by waiting for the legitimate bank customer to log in from an infected machine. After the user has been properly authenticated with the bank's website, the Zeus malware takes over the account and drains it.

Zeus "is still a major threat to online banking even though it is a five-year-old malware," Klein says. Ramnit is just 18 months old, but it is already extremely widespread.

The security vendor Symantec Corp. said in a press release Tuesday that Ramnit was the "most frequently blocked malware for the last month," accounting for 15.8% of the programs that the vendor's software blocked in August. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed


An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.