July 03, 2012

New Zeus variant comes with encryption upgrade

Researchers at ThreatMetrix Labs have come across a new variant of the peer-to-peer (P2P) version of the notorious Zeus trojan. It differs from previous iterations in the way its configuration file is encrypted – rendering all automatic methods useless in detecting the trojan. "The configuration file we analyzed showed a great sophistication in what it injects into the various websites [visited on infected machines]," Andreas Baumhof, CTO at ThreatMetrix, told SCMagazine.com this week in an email. "Through social engineering and genuine 'offers,' they try to lure people into believing [the page] is legitimate [so they give up their personal information]."
Related Articles
Related Topics
Related Links

Sign up to our newsletters

More in News

Three LulzSec members plead guilty in London

Ryan Ackroyd, 26; Jake Davis, 20; and Mustafa al-Bassam, 18, who was not named until now because of his age, all admitted their involvement in the hacktivist gang's attack spree.

WordPress tightens security with two-factor authentication

The new feature is immediately available for users and "secret" codes can be accessed via SMS or through the Google Authenticator app.

Microsoft fixes three "critical" flaws with Patch Tuesday release

The biggies are two vulnerabilities in Internet Explorer and a single weakness in Remote Desktop Connection.