Tuesday, February 1, 2011

ZeuS & SpyEye Merging: A Fresh New Hydra Head

Via Seculert Blog -

Since Brian Krebs broke the news about the merger between ZeuS and SpyEye, many security vendors have argued over whether this information is true or just a rumor.

Some of the vendors have uncovered "hard evidence" of cyber criminals posting on underground forums about this new merge. These posts were later found to be fake.

A week ago, Trend Micro Labs described what seemed to be the real SpyEye administration panel of the merged malware kit. Recent findings by Seculert Research Labs reveal that this may just be the tip of the iceberg. In fact, our researchers found that this piece of "Hydra" malware has a fresh new ZeuS head.

As of today, ZeuS still keeps the crown as the king of botnets, with thousands of different malware kits being bought and installed by cybercriminals. Those cybercriminals are used to the clean bluish interface of the ZeuS administration panel, and therefore will find it easier to work with the new SpyEye/ZeuS merged version.


This version of the ZeuS/SpyEye merge seems to be in the midst of a serious development effort, and its version number (1.3.05b) indicates that it’s indeed still in beta testing.

Much like with the old versions of ZeuS and SpyEye, conventional security solutions will find it hard to detect and handle this type of new threat.
