Which is the Real ZeuS Botnet?

By Roel Schouwenberg, Kaspersky Lab

The Zeus bot is, among a few others, one of the most prolific bots in
the wild and in the media. Lately there have been quite a few reports on
aspects surrounding Zeus, such as new research and the Troyak
takedown.

Naturally, this is great news. Awareness is still lacking, and the
heavy reporting around Zeus is making more people aware of the
sophistication of the cyber criminal underground. Unfortunately, many
of the reports contain a recurring inaccuracy: they talk about
“the Zeus botnet”, which does not reflect reality.

The reality is that there are many, many different Zeus botnets, all
maintained by different cyber criminals. The number of unique Zeus
botnets is likely to be in the hundreds. The cyber criminals behind the
Zeus bot will sell it to anyone, who can then start their own unique
botnet. Going even further, there are some side-branches of Zeus
maintained by other cyber criminals.

Given this situation, it’s not unlikely that machines in a large
enterprise are infected with Zeus bot variants which are controlled by
different cyber criminals and therefore belong to different Zeus
botnets.

Read the entire post at Securelist.
