Boasts Zbot-removal feature

Feb 10, 2010 14:32 GMT

Researchers from security giant Symantec are announcing that a new botnet toolkit is threatening the infamous Zeus trojan. Dubbed SpyEye and priced at $500, the crimeware comes with a "Zeus killer" feature.

The Zeus computer trojan, also known as Zbot, is a well-maintained piece of malware that has been around since 2007. Millions of infected computers throughout the world are part of hundreds if not thousands of Zeus botnets, which are controlled by different gangs or individual cyber-crooks.

This is because the trojan is bundled along with the Command and Control (C&C) server software in a crimeware toolkit commercialized on the underground market. The team selling this package has constantly improved it, making it the most prolific information-stealing malware on the Internet.

But, according to Symantec, there's a new competitor on the market named SpyEye. Initially spotted on Russian hacking forums back in December, the fresh trojan toolkit has seen several revisions and is currently at version 1.0.7.

For a price of $500, the SpyEye toolkit offers most of the features Zeus does, being able to capture information typed into Web forms and steal credit card data, POP3 e-mail messages or FTP credentials. "It contains a builder module for creating the Trojan bot executable with config file and a Web control panel for command and control (C&C) of a bot net," Symantec's Peter Coogan writes on the company's Security Response blog.

One of the most intriguing options that can be enabled when generating the trojan horse is called "Kill Zeus." This feature would supposedly enable SpyEye to remove Zeus from compromised systems; however, security researchers have yet to test and confirm it.

The new botnet can also be used as a distribution platform for other malware, enabling its masters to offer pay-per-install services to scareware pushers and other cyber-criminal gangs. There is an option to perform such rogue installations per country.

Even though it has potential, the new SpyEye toolkit is not yet mature enough to pose a real threat to Zeus' supremacy. Nevertheless, Symantec researchers worry that this aggressive competition could eventually lead to a war between cyber-criminal gangs, as previously happened with Beagle, Netsky and Mydoom.
