A new version of the Zeus crimeware toolkit has been created by Hackers. It has been design to steel account etails for UK, US, Spanish and German banks.
CA has named the malware payload as Zeus v3 which is more selective about the banks it targets. Before, Zeus targeted financial institutions around the world. But this latest variant has two strains. One targets banks in Spain and Germany, and the other, banks in the UK and US.
this new version also makes it far harder for security researchers find out what it?s doing. The Zeus zombie drones operate in a more covert manner.
Senior research engineer with CA’s Internet Security Business Unit, Zarestel Ferrer says: "In earlier versions, Zeus handles this configuration file in a way that security researchers can easily manage to reverse engineer and capture the actual full configuration content. This is no longer the case for the latest Zeus bot version 3, which is already in the wild. It employs layers of protection by applying the principle of least privilege. It means that the bot must only access remote command, information and resources that are necessary to a specific function and purpose."
The command and control servers for the bot seem to be mostly located in Russia. In previous version UK,US Spanish and German banks were targeted the most. The cyber crooks have concentrated this focus with v3 to meet customer demand it would seem, by releasing localised versions to key geographical markets.