infosec-news March 2011 archive
Main Archive Page > Month Archives  > infosec-news archives
infosec-news: [ISN] ZeuS cybercrime cookbook on sale in undergro

[ISN] ZeuS cybercrime cookbook on sale in underground forums

From: InfoSec News <alerts_at_nospam>
Date: Thu Mar 24 2011 - 07:36:20 GMT

By John Leyden
The Register
23rd March 2011

Cybercrooks are offering what purports to be source code for the
infamous ZeuS cybercrime toolkit though underground forums.

The would-be seller, nicknamed IOO, has lent credibility to the offer by
including screenshots of what appears to be portions of the source code
for ZeuS to his sales pitch. IOO offers to discuss the sale to
prospective buyers via either Jabber or ICQ. He is prepared to accept
payment via any escrow service.

The screenshots make reference to peinfector.cpp, a project of ZeuS
known as "Murofet". Security researchers - while unable to verify the
sale is genuine - are taking the potential offer seriously.

"Prior to this there were several rumors that the Zeus/Zbot code was
sold to the creator of SpyEye," writes Peter Kruse, an eCrime specialist
who works for Danish security consultancy CSIS Security.


Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery
Network, Cisco Switches, SAS 70 Type II Datacenter.
Find peace of mind, Defend your Critical Infrastructure.