Difference between revisions of "ZeuS"

From Botnets.fr
Jump to navigation Jump to search
m (1 revision imported)
m (Text replacement - "[[Fichier:" to "[[File:")
Line 12: Line 12:
}}
}}
{|
{|
|[[Fichier:ZeuS-Harderman-Slavik.png|200px|thumb|left|Graph Slavik "Harderman"]]
|[[File:ZeuS-Harderman-Slavik.png|200px|thumb|left|Graph Slavik "Harderman"]]
|[[Fichier:Harderman-vente-code-source-zeus.png|‎200px|thumb|left|Vente du code source sur un forum]]
|[[File:Harderman-vente-code-source-zeus.png|‎200px|thumb|left|Vente du code source sur un forum]]
|[[Fichier:ZeuS.PNG‎|‎200px|thumb|left|ZeuS v2.0.8.9]]
|[[File:ZeuS.PNG‎|‎200px|thumb|left|ZeuS v2.0.8.9]]
|[[Fichier:Builder_ICE_IX.jpg|‎200px|thumb|left|IceIX v1.0.5]]
|[[File:Builder_ICE_IX.jpg|‎200px|thumb|left|IceIX v1.0.5]]
|}
|}


Revision as of 01:48, 1 August 2015

(Botnet) Link to the old Wiki page : [1] / Google search: [2]

ZeuS
Alias
Group Banking
Parent
Sibling
Family
Relations Variants:

Sibling of:
Parent of: Chthonic, Citadel, Floki, Gameover, IceIX, JabberZeuS, Murofet, Ramnit, Skynet
Distribution of:
Campaigns:

Target Microsoft Windows
Origin
Distribution vector
UserAgent
CCProtocol P2P (Kademlia) ()
Activity 2006 /
Status Unknown
Language
Programming language
Operation/Working group Operation b71

Introduction

ZeuS est un cheval de Troie qui dérobe des informations bancaires par enregistrement de frappe et récupération de formulaire.

Début mai 2011, le code source de la version 2.0.8.9 a été rendu public. La publication de la source a permis de sortir des variantes du cheval de troie. La première variante observée a été IceIX vendu 1800$.

Descendance: IceIX, Citadel, Gameover, Murofet/Licat

Features

Associated images

Checksums / AV databases

Publications

 AuthorEditorYear
An interesting case of JRE sandbox breach (CVE-2012-0507)Jeong Wook (Matt) Oh
Chun Feng		Microsoft2012
Anonymous supporters tricked into installing ZeuS trojanSymantec2012
Avalanche phishers migrate to ZeuSLinda McGlassonBankinfo security2010
Battling the Zbot threatJoe Faulhaber
Paul Henry
Frank Simorjay
Holly Stewart
T.J. Campana
Matt McCormack		Microsoft2010
Bredolab botmaster ‘Birdie’ still at largeBrian KrebsKrebs on Security2012
Carberp: Silent trojan, eventual successor to ZeuSCarlos ZevallosInfoSpyware2011
Cracking into the new P2P variant of Zeusbot/SpyeyeAndrea LelliSymantec2011
DGAs and cyber-criminals: a case studyManos Antonakakis
Jeremy Demar
Christopher Elisan
John Jerrim		Damballa
Going solo: self-propagating ZBOT malware spottedAbigail Pichel
Joie Salvio
Alvin Bacani		Trend Micro2013
Harnig botnet: a retreating armyAtif MushtaqFireEye2011
Malware Memory Analysis - VolatilityBasement TechBasement PC Tech2012
Massive Drop in number of active Zeus C&C serversAbuse.ch2010
Microsoft and financial services industry leaders target cybercriminal operations from ZeuS botnetsRichard Domingues BoscovichMicrosoft2012
New IceIX (ZeuS variant) changes its encryption method (again)Andreas BaumhofTrustDefender Labs2011
Now you Z-(eus) it, now you don’t: ZeuS bots silently upgraded to CitadelRSA2012
On botnets that use DNS for command and controlFelix C. Freiling
Christian J. Dietrich
Christian Rossow
Herbert Bos
Maarten van Steen
Norbert Pohlmann		Institute for Internet Security University of Applied Sciences Gelsenkirchen Gelsenkirchen, Germany2011
On the analysis of the ZeuS botnet crimeware toolkitHamad Binsalleeh
Thomas Ormerod
Amine Boukhtouta
Prosenjit Sinha
Amr M. Youssef
Mourad Debbabi
Lingyu Wang		2010
Overview: inside the ZeuS trojan’s source codeSteve RaganThe Tech Herald2011
Panda Security uncovers bot-killing malwareBrian PrinceWired Business Media2012
Playing cops & robbers with banks & browsersFred GutierrezSymantec2012
Relentless Zbot and anti-emulationsAnoirel IssaSymantec2012
SIM-ple: mobile handsets are weak link in latest online banking fraud schemeAmit KleinTrusteer2012
SIRv12Joe Faulhaber
David Felstead
Paul Henry
Jeff Jones
Jimmy Kuo
Marc Lauricella
Dave Probert
Tim Rains
Frank Simorjay
Holly Stewart
Matt Thomlinson
Scott Wu
Terry Zink
Dennis Batchelder
Shah Bawany
Joe Blackbird
Eve Blakemore
Sarmad Fayyaz
Nitin Kumar Goel
Ken Malcolmson
Nam Ng
Mark Oram
Daryl Pecelj		Microsoft2012
SpyEye being kicked to the curb by its customers?Sean BodmerDamballa2012
The Cridex trojan targets 137 financial organizations in one goDaniel ChechikM86 Security Labs2012
The evolution of webinjectsJean-Ian BoutinVirus Bulletin2014
Top 50 bad hosts & networks 2011 Q4Jart Armin
Steve Burn
Greg Feezel
David Glosser
Niels Groeneveld
Tim Karpinsky
Bogdan Vovchenko
Will Rogofsky
Philip Stranger
Bryn Thompson		HostExploit2012
Torpig - Back to the future or how the most sophisticated trojan in 2008 reinvents itselfAndreas BaumhofAndreas Baumhof2011
Zeroing in on malware propagation methodsJoe Faulhaber
David Felstead
Paul Henry
Jeff Jones
Ellen Cram Kowalczyk
Jimmy Kuo
John Lambert
Marc Lauricella
Aaron Margosis
Michelle Meyer
Anurag Pandit
Anthony Penta
Dave Probert
Tim Rains
Mark E. Russinovich
Weijuan Shi
Adam Shostack
Frank Simorjay
Hemanth Srinivasan
Holly Stewart
Matt Thomlinson
Jeff Williams
Scott Wu
Terry Zink		Microsoft2011
ZeuS ransomware feature: win unlockMikko S.
Marko		F-Secure2012
ZeuS v2 Malware Analysis - Part IIPatrick OlsenSystem Forensics2012
ZeuS – P2P+DGA variant – mapping out and understanding the threatCERT Polska BlogCERT Polska2012
ZeuS: me talk pretty Finnish one dayF-Secure2012
ZeuSbot/Spyeye P2P updated, fortifying the botnetAndrea LelliSymantec2012
Graph Slavik "Harderman"
Vente du code source sur un forum
File:ZeuS.PNG
ZeuS v2.0.8.9
File:Builder ICE IX.jpg
IceIX v1.0.5


Liens externes

Retrieved from "https://www.botnets.fr/index.php?title=ZeuS&oldid=5236"