Bank Trojan users arrested for ZeuS/Zbot hack

A man and a woman have been arrested in England, for allegedly spreading banking malware. They were charged with using the ZeuS (or Zbot) Trojan to steal bank passwords. In IT Blogwatch, bloggers cheer the Brits for cracking down.

By Richi Jennings. November 19, 2009.

Your humble blogwatcher selected these bloggy morsels for your enjoyment. Not to mention monoface...

Jeremy Kirk beams down:

British police said Wednesday they've made the first arrests in Europe of two people for using ZeuS, a sophisticated malicious software program that can scoop up any sensitive information on a PC. ... ZeuS is an advanced piece of malicious software. If installed on a PC, it can send spam, steal financial or other data or conduct a distributed denial-of-service attack against other computers.


In the case of the two people arrested, ZeuS had been configured to steal ... "millions of" ... online bank account details and passwords and send that information to remote servers, according to police.

John Leyden adds:

The unnamed man and woman, both 20, ... [from] Manchester ... were arrested by officers from the Metropolitan Police's newly established Central e-Crime Unit (PCeU) on 3 November. The pair were arrested for offences under the 1990 Computer Misuse Act and the 2006 Fraud Act, questioned by police and released on bail.


The Manchester arrests are the first made in Europe in connection with the malware. ZeuS is typically spammed out to prospective marks in emails with malicious attachments. A variety of social engineering tricks are used to con victims into opening these messages, or into following a link to a booby-trapped website and becoming infected.

Here's the inevitable Graham Cluley:

Zbot is one of the most notorious pieces of malware of recent times. It's a data-stealing Trojan horse, designed to grab information from internet users which would help hackers break into online bank accounts and social networking sites.


Although the arrests have been in the UK, the Zbot family of malware is a problem that has been hitting computer users around the world - it is truly a global threat. ... If the [British] police have made a positive step in unravelling the gang behind Zbot then that will be very good news for everyone interested in making the internet a safer place.

socceroos wonders how/they/got/caught:

If these two were smart then they would have completely covered/obfuscated their tracks every step of the way. From propagating the first copy of the trojan to making sure any profits/information was sent through an elaborate network of communication-encrypted proxies before arriving on a remote server from which they could connect to using a similar but different network of communication-encrypted proxies and download/view the information.

I'd really love to know if they were just stupid, or if someone else was just way smarter. ... I hope it's the latter.

It's at times like these, we need a Linux troll. So here's symbolset:

This is a Windows thing, right? So if you don't use Windows, it's not a problem.

Sadly, ArchieBunker feeds it:

Idiots are everywhere. You think people won't write malware or trojans if macos or linux suddenly jumped to a majority market share? People write the **** for windows because it's what everyone uses. Why would I bother with 1.2% of the linux users when there's 92% of windows users available? Nothing is idiot proof, not even linux.

Meanwhile, Tynin quips:

But it is good to see more women programmers.


And finally...

Richi Jennings, your humble blogwatcher
  Richi Jennings is an independent analyst/consultant, specializing in blogging, email, and security. A cross-functional IT geek since 1985, he is also an analyst at Ferris Research. You can follow him as @richi on Twitter, or richij on FriendFeed, pretend to be richij's friend on Facebook, or just use good old email:


Copyright © 2009 IDG Communications, Inc.
