October 23, 2009
Nerdsonsite

Zeus – Stealthy and Long-Lived

The password-stealing trojan Zeus, aka Zbot, PRG has gotten very good at evading antivirus. According to this study, 55% of the computers infected with this virus are running antivirus that is current. I was unable to find any information rating the ability of various antivirus programs to detect this threat, or whether it is detected by rootkit detection tools, such asRootKitRevealer, Blacklight, or Ice Sword.
Zeus, like many other malware infections, can remain on computers for a long time. According to this article,half of infected PCs have been infected for at least 300 days and four out of five had been infected for at least a month or had multiple infections.
MS Fights Scareware in Court
Microsoft is now taking a different approach to fighting back against the purveyors of “scareware” – by taking them to court. The problem is, most the culprits cannot be identified, so these are filed as so-called “John Doe” suits in the hopes that a judgment will serve as a deterrent to the malware writers if they are caught. Whether this will have any effect remains to be seen, but at least it sends the right message.
Google Safe Surfing Tool
For anyone who missed this week’s episode of Security Now!, here is a tip that is VERY COOL. Google indexes the directories of web sites and knows what is there. This gives them the ability to detect malware that is just waiting to execute a “drive-by” download attack on visitors with un-patched browsers or applications. By going to the following URL, followed by the URL of the website you want to check, you can get a report from Google (just going to this page will give you an 400 Bad Request error, but if you append the URL you want to check, you will get the report):
https://google.com/safebrowsing/diagnostic?site=
Dennis H in West Virginia, US
September 20, 2009

Homepage: Nerds On Site

Blog Home: Blog

Artile: Zeus – Stealthy and Long-Lived

Sort By Category