'User-friendly' Zeus Trojan threatening world banks

EMC's security division RSA has seen the increased use of the 'Zeus' Trojan against financial institutions worldwide, according its latest fraud report.

The report said Zeus (also known as wsnpoem) was extremely easy to use and operate, with Trojan infection kits available to rent or purchase, which it called a 'ready-made Zeus attack infrastructure.'

It said all that was needed was a compromised or fraudster's back-end server. Once the server was in place, they simply needed to install the Zeus administration panel, create a user name and password, and start launching the attacks.

"The administration panel can be easily controlled by unsophisticated users," stated the report.

RSA said that criminals were also offered access to an 'all-in-one' solution, a ready made hosting server with a built-in Zeus Trojan administration panel and infection tools.

The report said: "The service includes all of the required stages in a single package meaning that all the fraudster now has to do is pay for the service, access the newly-hired Zeus Trojan server, create infection points and start collecting data."

The servers were also offered with 'exploit packages' that facilitated Zeus infections. RSA said that this allowed fraudsters to infect users and grow a botnet of compromised machines.

It said: "An entire Zeus attack comes alive, using a single service package that fraudsters can buy in the underground."

The report also said that 11 per cent of total global banking brands being phished were from the UK. This was second only to the US for the fifteenth consecutive month.