IDG News Service - Two weeks after law enforcement broke up one of the criminal gangs behind the Zeus malware, Microsoft has taken steps to make it harder for criminals to install the software on PCs.
On Tuesday, Microsoft started detecting Zeus with its Malicious Software Removal Tool (MSRT) -- a widely used virus removal program that's free for Windows users. That should make it harder for the many criminals who use Zeus to keep running their software on computers that don't have antivirus software installed -- often an easy target up until now.
According to a September 2009 study by security vendor Trusteer, 45 percent of Zeus-infected machines have either no antivirus software or an out-of-date product. On the other hand, Zeus has been effective at avoiding the type of detection that Microsoft is now adding to its MSRT. According to that same report, 55 percent of Zeus infections were on machines that did have working antivirus programs installed.
Microsoft wasn't available to talk about the MSRT by press time, Tuesday.
In a series of raids starting Sept. 28, authorities in the U.K., U.S. and Ukraine arrested more than 100 members of the largest-known Zeus gang, but there are still probably dozens of smaller gangs in operation. Zeus is very easy to obtain online, and it has been adapted by many different criminals since it first popped up four years ago.
"Underground forums are teeming with questions ranging from the very basics about configuring the malware to people boasting about the size of their botnets," said Matt McCormack, a Microsoft spokesman, in a blog posting. "Even the botnet controllers are themselves quite varied, from apparent hobbyists to those that likely have more nefarious intent."
The software is best known for stealing online banking credentials, but recently security experts have started to worry that it could be used to steal corporate secrets as well.
Microsoft's decision to add MSRT protection has had a big effect on some malicious programs. It's credited with pretty much knocking the Storm Worm offline in 2007, for example.
Microsoft clearly hopes to have a similar effect on Zeus, also known as Zbot. "[W]e find ourselves knocking on Zbot's door this month, and we're glad we are," McCormack said.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- BlackBeard Case Study In this case study, learn how a business with 95% of revenues generated online was hit by DDoS attacks over a 6-month period,...
- Four Ways DNS Can Accelerate Business Growth This e-book describes how DNS has developed over the years to support business growth as new needs have emerged, for example, advanced traffic...
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Mobile Applications Case Study: 8 Billion Transactions a Day The story documents how the online brokerage company tradeMONSTER created a custom mobile app and the success gleaned from this initiative. Also covered...
- Mobile Apps and Devices Slash Customer Cycle Time Consolidated Engineering Laboratories' field employees used to collect data on triplicate forms that were sometimes hard to read and difficult to manage. After...
- Cloud Knowledge Vault Learn how your organization can benefit from the scalability, flexibility, and performance that the cloud offers through the short videos and other resources... All Network Security White Papers | Webcasts