Zeus

An Inside Look at a Banking Trojan


By Jean-Francois Legault

jean-legault-80x80.jpgDigital Fingerprints     

A Closer Look at Technology and Fraud    

  

  

  

  

After I taught the breakout session, "How Technology Changed Fraud Investigations," at the 22nd Annual ACFE Fraud Conference and Exhibition in June, I received a number of questions about how banking Trojans work. The timing was perfect: In May, various underground forums leaked to the public the source code for the Zeus banking Trojan. Zeus, a highly configurable crimeware, is one of the most pervasive threats in the cyberlandscape. Its "public" release does not necessarily mean it is no longer a threat: More people will have access to it, and it can now serve as inspiration for future banking Trojans. This comes at about the same time as Zeus' author announced his retirement and turned the source code over to a competitor.    

 


For full access to story, members may sign in here.

Not a member? Click here to Join Now. Or Click here to sign up for a FREE TRIAL.

Related Articles

Poorly governed financial systems and fraud: It all starts with access

Access/identity control is a fundamental component of data security that dictates who’s allowed to access and use company information and resources. But organizations still lack the necessary protections, opening the door for fraudsters to exploit their systems. Here the authors examine the latest IT resources to keep such criminals at bay.

Mind blowing

Understanding ChatGPT and similar generative AI tools is critical for fraud examiners seeking to leverage this emerging technology. Here we explore the risks and the extraordinary potential of this new phenomenon.