‘Most Dangerous Trojan Virus Ever’ Steals Over $1 Million

August 12, 2010 By Ryan Fleming

The Zeus Trojan, called the “most dangerous virus ever created” has stolen £675,000 from a British financial institution, and it isn’t done yet.

It is like the plot of a Hollywood movie, only the bad guys are definitely winning so far. Earlier this week, the internet security group M86 uncovered a Trojan virus targeting an unnamed financial institution in the UK. The “Zeus Trojan” has already siphoned off over $1 million from over 3,000 British customers between July 5 and August 4, and it shows no signs of stopping.

The thefts were discovered after M86 gained access to the command-and-control server in the Eastern Europe country of Moldova. As for the money, M86 could not give an exact location for where it was going, other than to suggest that it was heading into the former Soviet states- which likely meant that the money was going to the Russian mafia, or another Eastern European gang.

“We’ve never seen such a sophisticated and dangerous threat. Always check your balance and have a good idea of what it is.” M86 said in a security report released on Tuesday.

The Zeus Trojan, also known as Zbot has infected more than 37,000 computers in the UK through a drive-by download. Users visiting a compromised site would unknowingly receive the virus as a cookie, hidden as part of a legitimate ad on potentially any website.

Once the virus is on the computer, it waits until the user goes to their bank’s website — it is only one specific bank that has yet to be named as the investigation is ongoing — and then it intercepts password information before it can be encrypted. Once the trojan has access to the account, it checks to make sure that there is at least £800 available, then it begins to transfer anywhere up to £5,000 to various bank accounts. Once the transfer is complete, the virus then creates a false electronic statement to conceal the missing funds.

Most, if not all, of the victims will have their money reimbursed by the bank.

“In the vast majority of cases, if people had kept their computer’s operating systems and software such as Internet Explorer up to date they would not have been attacked,” Ed Rowley, product manager at M86 said, according to the Daily Mail.

“More often than not Trojans exploit known vulnerabilities that can be simply patched and fixed by downloading updates.”

Earlier this month, the UK based security group, Trusteer warned that more than 100,000 computers may have been infected with the Zeus Trojan, meaning that this is far from over.

Showing 17 comments

kebabie at 1:45pm 16th September 2010 why do yo people think it happend?
Jeff at 8:26am 2nd September 2010 Again....A malicious windows program being downloaded and run without user consent is VERY wrong. NO program should have authority to start unless specifically started by a user or by a scheduled job which is set up by a user with user credentials.....Remember, as in real life, most intruders come in through windows......This is why I use LInux.
m68 at 11:15pm 13th August 2010 NEXT...
ChiveSUCKS at 9:42pm 13th August 2010 DeltaDude - I dunno.. is it being written by the hand of a moron?
DeltaDude at 12:04pm 13th August 2010 Should be no surprise to anyone. Windows is the worst operating system ever. Apple is a distant second - http://www.us-cert.gov/cas/alerts/ Guess what this is being written with. Not Microsoft anything or Apple anything.
Groover McTuber at 9:03am 13th August 2010 Delete all cookies daily or when you close your browser
Muth at 5:26am 13th August 2010 Oh wow... why are users of the Safari Browser getting hit if Apple are immune?
1. mdwstmusik at 7:14am 13th August 2010 Not that the Mac is immune to security exploits, but you know Safari runs on Windows too.
  1. kebabie at 1:53pm 16th September 2010 yeah, thats true. but all these hardhead people aint listening to us baby.so tr again ine more time for me.
chinders at 3:37am 13th August 2010 i bet it cant infect apple's os !?!?!? buy apple it it hack free !!!!!
1. Nate at 8:49pm 13th August 2010 b/c when you want to steal money from lots of people, you'd bother hacking the smallest percentage of owned computers to make the highest profit. Windows is attacked more because more people use it. I hope you were being a troll.
2. romerz at 1:03pm 28th December 2010 In a hacking competition about 2 years ago, Apple was the first hacked in under 40 seconds. Do not spread lies and misinformation.
LinuxLad at 2:42am 13th August 2010 Is this trojan specific to an operating system?
EricNorris at 9:58pm 12th August 2010 All I can say is get yourself a good security package (or 2), keep it updated, scan regularly and just don't be stupid on-line. For those of you that are looking for a good AV package, read this article, the guy also put links in to get the programs from for free! http://TechReview.LIEconomy.com
1. Rob Jackson at 3:05pm 13th August 2010 Sorry, a good AV package ain't gonna do it. Even heuristically based ones are crap. These people all got owned by drive-bys, which, by definition means 0 interaction w/ customer. I have a hard time believing that they didn't have AV.
D.Tripier at 9:06pm 12th August 2010 According to IronKeys CEO Dave Jevans this trojan has struck for the tune of north of $6 Billion http://ow.ly/2moyl
1. Dan Gaul at 9:48pm 12th August 2010 Nope, he's talking in general with fraud and electronic crime, and not this virus specifically.