'User-friendly' Zeus Trojan threatening world banks
RSA has highlighted an 'all-in one' Zeus Trojan package - making botnet attacks possible for the most 'unsophisticated' of users.

EMC's security division RSA has seen the increased use of the 'Zeus' Trojan against financial institutions worldwide, according its latest fraud report.
The report said Zeus (also known as wsnpoem) was extremely easy to use and operate, with Trojan infection kits available to rent or purchase, which it called a 'ready-made Zeus attack infrastructure.'
It said all that was needed was a compromised or fraudster's back-end server. Once the server was in place, they simply needed to install the Zeus administration panel, create a user name and password, and start launching the attacks.
"The administration panel can be easily controlled by unsophisticated users," stated the report.
RSA said that criminals were also offered access to an 'all-in-one' solution, a ready made hosting server with a built-in Zeus Trojan administration panel and infection tools.
The report said: "The service includes all of the required stages in a single package meaning that all the fraudster now has to do is pay for the service, access the newly-hired Zeus Trojan server, create infection points and start collecting data."
The servers were also offered with 'exploit packages' that facilitated Zeus infections. RSA said that this allowed fraudsters to infect users and grow a botnet of compromised machines.
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
It said: "An entire Zeus attack comes alive, using a single service package that fraudsters can buy in the underground."
The report also said that 11 per cent of total global banking brands being phished were from the UK. This was second only to the US for the fifteenth consecutive month.
-
AI coding tools are booming – and developers in this one country are by far the most frequent users
News AI coding tools are soaring in popularity worldwide, but developers in one particular country are among the most frequent users.
-
Cisco warns of critical flaw in Unified Communications Manager – so you better patch now
News While the bug doesn't appear to have been exploited in the wild, Cisco customers are advised to move fast to apply a patch
-
RSAC in focus: Key takeaways for CISOs
The RSAC Conference 2025 spotlighted pivotal advancements in agentic AI, identity security, and collaborative defense strategies, shaping the evolving mandate for CISOs.
-
RSAC in focus: Quantum computing and security
Experts at RSAC 2025 emphasize the need for urgent action to secure data against future cryptographic risks posed by quantum computing
-
RSAC in focus: How AI is improving cybersecurity
AI is revolutionizing cybersecurity by enhancing threat detection, automating defenses, and letting IT professionals tackle evolving digital challenges.
-
RSAC in focus: Collaboration in cybersecurity
Experts at RSA Conference 2025 emphasised that collaboration across sectors and shared intelligence are pivotal to addressing the evolving challenges of cybersecurity.
-
RSAC in focus: Considerations and possibilities for the remainder of 2025
As 2025 unfolds, RSAC explores the pivotal considerations and emerging possibilities shaping the cybersecurity landscape
-
RSAC Conference 2025: The front line of cyber innovation
ITPro Podcast Ransomware, quantum computing, and an unsurprising focus on AI were highlights of this year's event
-
RSAC Conference 2025: AI and quantum complicate security
Organizations are grappling with the complications of adopting AI for security
-
RSAC Conference 2025 was a sobering reminder of the challenges facing cybersecurity professionals
Analysis Despite widespread optimism on how AI can help those in cybersecurity, it’s clear that the threat landscape is more complex than ever