14 DAY TRIAL // Security researchers have spotted a ZeuS binary compilation service on the underground market which helps up-and-coming fraudsters reduce the costs of starting their own operation.
Despite rumors of no longer being in active development or being sold by its original author, ZeuS remains the most popular crimeware toolkit.
It consists of a builder that generates a customized trojan known as ZBot (ZeuS Bot) together with the Web application to use on the command and control (C&C) server.
Various versions of the ZeuS crimeware toolkit exist on the underground market. Some of the earlier ones can be obtained for free, but they are limited in features and are detected by most antivirus programs.
The most up-to-date variant used to cost around $4,000, but since the toolkit also supports modules that add additional functionality the final price could be up to $10,000.
That's quite a lot of money for someone who is just venturing into the cybercriminal world and doesn't have any significant profits yet.
According to security researchers from RSA, somebody thought of that problem and is now offering a low-cost Fraud-as-a-Service solution.
"[...] Even if a fraudster needed a bottle of milk, he had to pay for the entire cow. Well, no more. A vendor in the underground now provides a service of compiling the binaries for them – for a price per binary," they explain.
Recompiling the binaries later, to trick antivirus engines or change settings, costs extra, but it is still better than buying the full toolkit, especially now, when it's not even actively developed anymore.
It is rumored that the ZeuS code base has been given by its original author to the developer of SpyEye, a competing crimeware toolkit, who is now merging the two fraud tools together.