Zeus SpyeyeThe recent merger of the Zeus and SpyEye botnets has created a mega-botnet that promises to increase the effectiveness, complexity, and prevalence of malware across the Web, according to a blog post by Francois Paget of McAfee Labs.

The SpyEye/ZS Toolkit v1.4.1, the first evidence of a long-rumored merger between the two, competing botnet platforms, appears to have been released on January 11. According to Paget it is available for purchase on the black market and is likely to have already started generating money for its owners.

The new tool’s capabilities include: brute force password guessing, jabber notification, a VNC (remote control) module, auto-spreading and auto-update capabilities and a new screenshot system.

A stripped down version of the tool is available for $400, Paget reports. The more extensive, all-inclusive variant is selling on underground forums for $800. Paget suggests the prices are low compared to pre-release “chatter” that had priced the merged toolkit at $4000.

McAfee recommends that users maintain updates on their systems to stay abreast of such threats.

Categories: Malware, Vulnerabilities

Comment (1)

  1. Anonymous

    As far as I know the SpyEye/ZS Toolkit v1.4.1 version is a fake, the post was not made by the known author of SpyEye. The price is also to cheap to be the real thing. Latest officially released version is 1.3 Beta. Some rumors also has it that the SpyEye author has stopped selling it publicly and is only dealing with a few people because of the fuzz.

Comments are closed.