Keep It Simple, Stupid – The Zeus Version
Earlier this year Trusteer’s CTO Amit Klein blogged about two malware families, Tinba and Tilon, going back to basics. He observed that we are witnessing an interesting trend: organizations are rolling out advanced malware detection systems that force malware authors to drop some of their more advanced techniques and reuse older techniques that were abandoned years ago. The latest example of this trend is a Zeus variant that was detected by Trusteer’s security team this month. Using a unique HTML injection mechanism and static mule accounts, this malware is now targeting banks in Eastern Europe by covertly manipulating and performing transactions on the end user’s behalf.
In the last couple of years many organizations took note of the malware threat and deployed advanced malware detection systems. These new security solutions were familiar with all the latest tricks malware authors had to offer and contained effective countermeasures. Malware authors (and their criminal clients) did not sit idle while their attacks were detected and eliminated – they fought back!