Zeus spreads giant arms wider

Increasing numbers of websites have been seen hosting various versions of the notorious Zeus Trojan, Trusteer has reported.

The volume of networks hosting command and control (C&C) servers for Zeus botnet swarms has also expanded, helping the threat to spread further, the security firm claimed.

Trusteer looked into the IP distribution of sites hosting the Trojan configurations as well, discovering the US was far and away the favourite place for Zeus to hang out.

Almost two-fifths of all Zeus configurations were found to be residing in the US, compared to the UK figure of just 3.5 per cent.

Russia had the second highest share of infections, with 21.6 per cent.

Analysts also mapped out where sites used as Zeus C&C platforms were accessible.

Almost a third were in the US over an 80-day period, with the UK down on six per cent.

“The increasing usage of automated registration and servicing systems on the internet means that human operator monitoring of hosted systems has become less frequent in those countries with good internet access,” Trusteer said in its report.

“As well as driving the cost of hosting downwards, this has the worrying effect of making it all too easy to register and set up a C&C and/or Zeus-infected website plus allied systems, and using the platform to infect the general internet user community.”

Zeus has become infamous in the security industry and remains one of the top threats facing businesses across the world today.

This article originally appeared at itpro.co.uk