The Zeus virus increased in potency each year afterward until 2010, when the alleged retirement of its creator and release of its source code made it the imminent threat it is known as today. Most experts agree that it is more dangerous now than it ever was before. Once the Zeus virus makes contact with your computer, it is capable of compromising each of its major functions.
There are two (2) main ways in which the Zeus virus operates. First, a network of corrupted machines, or botnet, is established and controlled at the absolute command of the attacker or malware owner. This mechanism helps to facilitate the collection of large amounts of data and information, which in turn, is used to scale the attack. Secondly, an underlying effort is made to seek out and lift financial information (including online banking credentials), making the Zeus virus a financial trojan in every sense of the term.
The Zeus virus is able to thrive by way of keylogging and other website monitoring tactics. When a user begins interacting with a banking or other financial application, their keystrokes are recorded for pertinent login information. This data is used at a later time to access secured accounts and use them as the attacker pleases. Keylogging is used by a number of trojans—not just the Zeus virus—which is what makes them so powerful. Caution can be used when entering information to access secured accounts, but there really isn’t a way to get around the keystrokes used for doing so.
Asides computers running the Windows operating system, the Zeus virus has also been known to affect a number of Android mobile devices. For their part, mobile devices have arguably given way to the popularity of two-factor authentication, where after entering a username, password and random CAPTCHA message, a random token is generated and passed to a mobile device, which must then be supplied in the authentication process in order to gain access to a secured system. Two-factor authentication is known for curbing malicious attacks, even though the Zeus virus is still present during these processes. For infected mobile devices, themselves, the process is hardly useful, particularly when accessing secured accounts from these devices.
Indeed, the public release of the Zeus virus source code has made it possible for attackers to build newer, more effective versions of the same malware. Later iterations have used spam and drive-by downloads to implement attacks. There have also been cases reported in which social media sites have served as incubators for strands of the Zeus virus. The corrupting of legitimate, well-manned web applications speaks volumes about the power of trojans, which are usually only preventable by following safe internet and use practices.
Click here for a short history of financial trojans.