Trend Micro Threat Research Report: 9 Million ZeuS Attacks Blocked by Trend Micro in the Last 6 Months
CUPERTINO, Calif., March 9 /PRNewswire/ -- Trend Micro has recently seen a rise to an average of around 300 unique ZeuS samples per day, according to a recent threat report that examines the Eastern European criminal enterprise behind one of the world's most prolific crimeware kits designed for wholesale monetary theft. Trend Micro witnessed more than 13,000 unique ZeuS samples within January 2010 alone.
"ZeuS is nothing new – we've seen it at work for years. But what's alarming is the recent rise in attacks," said Raimund Genes, CTO of Trend Micro. "It's one of the most notorious security threats to Internet users and Trend Micro is fighting back: In the last 6 months, we've blocked about 9 million ZeuS attacks and we're not stopping."
Latest developments
For the greater part of last year, Trend Micro discovered that ZeuS variants were also distributed via the Avalanche botnet, a fast-flux botnet that sent spammed messages en masse. The spam runs imitated several popular social networking sites. The cybercriminals behind the operations even tried to copy email messages and Web sites of U.S. government institutions like the Federal Deposit Insurance Corporation (FDIC), the Centers for Disease Control and Prevention (CDC), the Social Security Administration (SSA), and the Internal Revenue Service (IRS).
Another significant feature recently added to current ZeuS versions is the "Jabber" functionality. Jabber is an open source instant messaging protocol, and JabberZeuS is a ZeuS variant in which the credentials stolen during a banking session are relayed in real time to the ZeuS botmaster via instant messages, so she can immediately log in to the same account undetected using the same credentials as the victim.
ZeuS-BREDOLAB connections
According to Trend Micro research, BREDOLAB and ZeuS are individual tools that are freely available in the cybercriminal underground. Their uses complement each other, which is why they're often seen together. While ZeuS specializes in stealing information from infected systems, BREDOLAB enables cybercriminal organizations to deliver any kind of software to their victims. Once a user's machine is infected by BREDOLAB, it will receive regular malware updates the same way it receives software updates from the user's security vendor.
Poor economy fueling ZeuS
The success of ZeuS is partly attributed to cybercriminals' ability to recruit money mules that move their stolen money around through bogus work-from-home scams. Given the current economic situation in the United States—with millions of people out of work—cybercriminals know they have a high success rate in recruiting accomplices.
Work-from-home recruits are instructed to provide bank account information, which the cybercriminals use to access compromised online bank accounts and to wire money amounting to less than US$10,000 to money mules, indicating that they are fully aware of banking alert limits. The money mules then wire the money back to Eastern Europe.
How can companies protect themselves?
Designed to quietly steal banking information and other sensitive data, the ZeuS botnet can turn itself off to remain undetected. Trend Micro offers the most advanced technology and expertise to immediately eliminate botnet attacks. The Trend Micro™ Smart Protection Network™ provides instant, real-time protection and is the infrastructure behind Trend Micro products. It correlates more than 20 billion emails, Web sites and files a day, using that data to immediately identify and respond to the latest emerging threats.
Trend Micro Recommends
Worry-Free™ Business Security Standard/Advanced and Services
ZeuS and other bots now control more than 100 million computers worldwide. If you're concerned that info-stealing malware is on your network, sign up for a free Security Threat Assessment today.
For the full research report, please visit: http://us.trendmicro.com/us/trendwatch/research-and-analysis/white-papers-and-articles/index.html
About Trend Micro:
Trend Micro Incorporated, a global leader in Internet content security, focuses on securing the exchange of digital information for businesses and consumers. A pioneer and industry vanguard, Trend Micro is advancing integrated threat management technology to protect operational continuity, personal information, and property from malware, spam, data leaks and the newest Web threats. Visit TrendWatch at www.trendmicro.com/go/trendwatch to learn more about the latest threats. Trend Micro's flexible solutions, available in multiple form factors, are supported 24/7 by threat intelligence experts around the globe. Many of these solutions are powered by the Trend Micro™ Smart Protection Network™ infrastructure, a next-generation cloud-client innovation that combines sophisticated cloud-based reputation technology, feedback loops, and the expertise of TrendLabs(SM) researchers to deliver real-time protection from emerging threats. A transnational company, with headquarters in Tokyo, Trend Micro's trusted security solutions are sold through its business partners worldwide. Please visit www.trendmicro.com.
SOURCE Trend Micro