Zeus botnet trojan horse is back

April 24, 2010 Trusteer, a web security company, reports that a trojan horse virus called can steal online banking details from infected computers. The virus has infected one out of every 3,000 computers of the 5,500,000 million which the company monitors in the United States and the United Kingdom.

The trojan can infect users of Mozilla Firefox and on, and steals login information by recording keystrokes when the machine connects to certain websites, usually banks or other financial institutions. The stolen data is transmitted to a remote server and sold to cyber-criminals. "We expect this new version of Zeus to significantly increase fraud losses, since nearly 30% of Internet users bank online with and the infection is growing faster than we have ever seen before," said Amit Klein, chief technology officer at Trusteer, to BBC.

The trojan has also affected Wikinews users, including Brian McNeil, who is the founder of Wikinewsie, a restricted-access wiki used to collaborate on sensitive news reports. McNeil reported on his userspace: "On Saturday [April] 17, a Windows-based PC in the house issued a cry for help, the Avira package running on the system had just detected a piece of malware; full scans indicated several known pieces of malware and numerous hidden files. Additional scans revealed that all but one of the USB memory sticks and portable hard drives in the house were infected with something. The Zeus botnet, as it turned out." E-mail accounts for accredited reporters have also been affected.