- Jan 8, 2011
- 22,361
New strains of the malevolent Zeus malware have been discovered using the Windows 'PIF' file extension to steal information from compromised computer systems.
Find out more: WebSense Blog
The Websense ThreatSeeker Intelligence Cloud has been tracking the campaign, which appears in short bursts, for several months. Specifically, these strains of the banking Trojan have been seen to "persistently evolve and adapt their methods to implement information stealing procedures," and are believed to be a direct evolution of a previous variant called 'Zberp.'
The Zberp Trojan, believed to have been assembled from the source code of Zeus and Carberp, allows cyber-criminals to lift information from compromised computers including names, IP, data submitted in HTTP forms and FTP/POP accounts. As well as being able to take screenshots and send them to Command and Control (C&C) centers, the variant also uses evasion techniques inherited from both the Zeus and Carberp Trojans.
The Zberp Trojan, believed to have been assembled from the source code of Zeus and Carberp, allows cyber-criminals to lift information from compromised computers including names, IP, data submitted in HTTP forms and FTP/POP accounts. As well as being able to take screenshots and send them to Command and Control (C&C) centers, the variant also uses evasion techniques inherited from both the Zeus and Carberp Trojans.
Find out more: WebSense Blog
