Zeus and SpyEye Botmasters Attack Security Sites

Thursday, March 10, 2011



SpyEye and Zeus users have resorted to repeated DDoS attacks against the ZeusTracker and SpyEyeTracker websites, apparently frustrated with the success the services are having at thwarting the popular malware.

The services, which were created by Roman Hüssy, track and detail the network infrastructure used by numerous botmasters who employ the Zeus and SpyEye malware in criminal enterprises.

Given the level of response from the botmasters, Hüssy's services must be having a significant impact on their operations.

"A series of discussions on an uber-exclusive Russian language forum that caters to identity and credit card thieves reveal that botmasters are becoming impatient in their search for a solution that puts Hüssy and/or his tracking services out of commission once and for all," wrote security journalist Brian Krebs.

The increasingly volatile cyber criminals have also turned their attacks against Hüssy personally, according to Krebs.

"At one point, someone wrote a fake suicide in Hüssy's name and distributed it to his family and friends, prompting local police to rouse him from slumber to investigate his well-being. But, those attacks haven't deterred Hüssy or sidelined his services", Krebs noted.

Security researchers had warned of the pending merger of the Zeus and Spyeye tools last fall, and the first toolkit combining the Zeus and SpyEye exploits arrived on the black market in January of this year.

Security firm Trusteer recently reported that an increasing number of websites are now known to host Zeus variants, and the report also shows that a growing number of networks are hosting command and control operations for Zeus-based botnets.

And this week researchers at Trend Micro revealed that a Zeus Trojan designed specifically to run on the Blackberry operating system has been detected.

Given that Zeus and SpyEye variants are two of the most widely used and successful malware in the wild, it is no surprise that criminal networks are seeking to put Hüssy's services - or Hüssy himself - out of commission.

“It’s easier and more productive to just use a joint fund to hire a killer, and story’s over,” Krebs quoted one cyber criminal as suggesting.

Possibly Related Articles:
Viruses & Malware
malware Botnets Attacks Zeus DDoS Security SpyEye
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.