It’s often said “What’s old is new again”. The well-known ZeuS banking trojan is back again, but this time it is being spread as a 64 bit version. In fact, the 64bit version was embedded in the old 32bit version. If the Trojan senses that the target browsers 64bit it will inject the appropriate version.
This raises a good question. Since few users are using 64bit browsers at this time, why did the hackers bother? I think it is simply they are determined to stay ahead of the game and keep up with the market. Virus makers sell their products with root kits and want to make sure they have the most marketable products. The conversion to 64bit browsers has been slow, but it is inevitable.
Despite the best efforts of banks and other institutions, ZeuS continues to threaten security with its ability to steal digital certificates, log keystrokes and steal banking credentials. Stolen credentials can result in drained bank accounts and money transferred to the attackers account. ZeuS’s main purpose is to keep stealing banking credentials. SSL certificates protect websites as well as their users from falling prey to such attacks, so these trojans use backdoors or other infected hosts to steal data at the server level
ZeuS communicates with its command and control servers over peer to peer networks, most prominently the Tor anonymous network. Tor is completely legal and there isn’t a way to bring it down, frustrating the surveillance industry.
What Can I Do to Protect Against the ZeuS Banking Trojan?
Your computer is safe from ZeuS if you use the Comodo Internet Security. At worst, it will be isolated in the sandbox area where it will do no harm. If needed, free ZeuS removal software is available, such as the following from download.com: http://download.cnet.com/Zeus-Trojan-Remover/3000-8022_4-75183944.html