Author Topic: Zeus v.1.0.3.7  (Read 4356 times)

February 23, 2008, 07:57:43 pm

XzifT

Pretty sure this is the PRG/WNSPOEM trojan everyone is concerned with :).  Figured I'd contribute something back to this great site.

_hxxp://rapidshare.com/files/94324782/zeus_v1.0.3.7.rar.html


February 24, 2008, 02:28:37 am
Reply #1

sowhat-x

Welcome on board, XzifT :)

...at some moment in late December,
I had also seen a (supposed) scrambler meant especially for Zeus samples...
I say 'supposed', because I hadn't really managed to test it:
the executable itself was so badly packed that, no matter my efforts,
I couldn't get it to run at all, lol...  ;D

Pretty much most of the infamous skiddie tools gathered in a single thread...
Quote
hxxps://forum.zloy.org/showthread.php?t=7951

...what REALLY makes me wonder is:
why in the world does it take so long for some AV companies
to spot/detect variants of this kind of stuff/builders...
when they can be found simply by monitoring 6-7 widely known 'haxor' forums.
Kind of a funny attitude actually... on the one hand,
you have serious and hard-working AV researchers/employees taking down infected hosts,
and on the other hand, AV companies' general policy
towards the "main" distribution forums/sites, widely known to the public,
is to either ignore them, or even worse, to leave them completely 'untouched'...

No need for 'dark' speculations and assumptions here, just my 2 cents on this situation:
when at this moment, even the most non-technically aware end-user
can find point-and-click botnet builders within a few minutes of googling...
then it's also at least ridiculous afterwards to see AV companies complain
because a large majority of end-users claim that AVs generate malware themselves,
in order to make money...
If they don't want to hear such ridiculous statements, well, it's their responsibility:
advertisements regarding 'improved intrusion prevention' modules, bla-blah etc...
All these are nice and well, and obviously no one disagrees:
end-users also don't like the view of tons of vx/skiddie forums,
where automated botnet/trojan builders and the rest of the crap get exchanged...
Even, say, from a strictly commercial perspective,
trust gets built exactly from these common daily facts - simple as that.