Researchers at ThreatMetrix Labs have come across a new variant of the peer-to-peer (P2P
) version of the notorious Zeus trojan
. It differs from previous iterations in the way its configuration file is encrypted – rendering all automatic methods useless in detecting the trojan. "The configuration file we analyzed showed a great sophistication in what it injects into the various websites [visited on infected machines]," Andreas Baumhof, CTO at ThreatMetrix, told SCMagazine.com this week in an email. "Through social engineering and genuine 'offers,' they try to lure people into believing [the page] is legitimate [so they give up their personal information]."