Microsoft's anti-Zeus tool cleans quarter-million PCs
Free program scrubs money-stealing bot from Windows computers
Computerworld - Microsoft said its free malware cleaning tool had scrubbed the money-stealing Zeus bot from nearly 275,000 Windows computers in under a week.
Zeus, also called Zbot, is a crimeware kit that lets criminals create customized malware that they can use to infect PCs. Hackers deploy Zeus to steal usernames, passwords and other information necessary to log in to online bank accounts. So-called "money mules" then withdraw money from the compromised accounts and wire the funds to the gang's organizers.
Friday, Fortinet reported that one Zeus gang had targeted Charles Schwab investment accounts, and was injecting a fake form into a legitimate session at the firm's site to collect personal information they could later use to confirm their illegal transactions.
Last Tuesday, Microsoft added Zeus/Zbot detection to its Malicious Software Removal Tool (MSRT), a free malware-removal program that the company updates each month and distributes alongside its Patch Tuesday security fixes. MSRT does not prevent attack code from getting on a Windows machines. Instead, it detects infected machines and then deletes the malware.
Since Tuesday, MSRT has removed 281,491 copies of Zeus from 274,873 PCs, Microsoft announced in a post to a company blog Sunday. Those numbers put the Zeus bot into the top spot on MSRT's hit list.
Zeus infections accounted for 20.4% of all machine cleanings since last Tuesday, said Jeff Williams, the director of Microsoft's Malware Protection Center, in the blog post. "[That] ratio [is] higher than we typically see even when accounting for the normal, first-month spike which results from adding a new family," Williams said. "But not exceptionally so."
Zeus, which first appeared in 2007, made headlines late last month when authorities in the U.S., the U.K. and Ukraine arrested more than 100 members of a Zeus gang. The group stole an estimated $200 million from consumers and small businesses over a four-year span.
Users can manually download MSRT from Microsoft's site, or use Windows Update to retrieve and install the tool.
- Microsoft plans to patch critical under-attack IE bug next week
- Ballmer regrets not aping Apple sooner
- OS upgrades: Cheap is better than pricey, free is better than cheap
- Update: More top-tier Microsoft execs head for the door
- Microsoft ships Office 2013 SP1 the old-fashioned way
- Microsoft's 'go-low' play puts Windows revenue on the line
- Microsoft: Android Nokia not our call to make
- Gates sells another 20M shares; lead over Ballmer shrinks to nearly nothing
- Hey Microsoft, where's the next Mac Office?
- Microsoft dubs 'confusing' Office Web Apps as Office Online
Read more about Security in Computerworld's Security Topic Center.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Gartner Report: A Guide to Gartner's Enterprise Mobile Security Self-Assessment Gartner introduces a model and a Toolkit intended to help mobility and security IT leaders assess their enterprise mobility programs from a security...
- Gartner Report: Containing Mobile Security Risks With the 80/20 Rule IT planners can deliver better mobile protection with higher user satisfaction by segmenting users into risk groups before committing to specific management or...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts