A new botnet toolkit is threatening the infamous Zeus Trojan announced by the researchers from security giant Symantec. Dubbed SpyEye and priced at $500, the crimeware comes with a “Zeus killer” feature.
The Zeus computer trojan, also known as Zbot, is a well-maintained piece of malware that has been around since 2007. This is because the trojan is bundled along with the Command and Control (C&C) server software in a crimeware toolkit commercialized on the underground market. The team selling this package has constantly improved it, making it the most prolific information-stealing malware on the Internet.
But, according to Symantec, there’s a new competitor on the market named SpyEye. Initially spotted on Russian hacking forums back in December, the fresh trojan toolkit has seen several revisions and is currently at version 1.0.7.
The SpyEye toolkit offers most of the features Zeus does, being able to capture information typed into Web forms and steal credit card data, POP3 e-mail messages or FTP credentials. “It contains a builder module for creating the Trojan bot executable with config file and a Web control panel for command and control (C&C) of a bot net,” Symantec’s Peter Coogan.
One of the most intriguing options that can be enabled when generating the trojan horse is called “Kill Zeus.” This feature would supposedly enable SpyEye to remove a Zeus from compromised systems; however, security researchers have yet to test and confirm it. Even though it has enough potential, the new SpyEye toolkit is not mature enough to pose a real threat to Zeus’ supremacy yet.
Related posts: