World's nastiest trojan fools AV software
Pounces on banking passwords
One of the world's nastiest password-stealing trojans evades detection by the majority PCs running anti-virus programs, according to a study that examined 10,000 machines.
Zeus, a stealthy piece of malware that sits on a PC and waits for users to log in to bank websites, is detected just 23 per cent of time by AV programs, according to the study (PDF) released by security firm Trusteer. Even AV programs with up-to-date malware signatures were unable to identify the infection a majority of the time, the authors said.
Zeus, which also goes by the name Zbot and PRG, escapes detection using sophisticated techniques such as root-kit technology, the Trusteer report said. The company is able to detect it by examining the fingerprint Zeus leaves when it penetrates an infected PC's browser process.
A recent report estimated that Zeus is the No. 1 trojan, with 3.6 million infections in the US alone, or about 1 per cent of the installed base of PCs. Trusteer's study, which found Zeus accounted for 44 per cent of the banking malware infections, was consistent with that finding. After sneaking onto a PC, it sits quietly in the background until a user logs on to a financial website. It then sends the login credentials to a remote server in real time, sometimes by use of instant messaging programs.
Of Zeus-infected machines, about 31 per cent don't run AV at all and 14 percent run AV that's out of date. The remaining 55 per cent had AV programs that were up to date. ®
@The original Steve
"Your a moron."
Thanks, that sets the tone for the rest of the response.
"This isn't some sort of Windows security hole. It's software that's been installed / ran by a user (and if it uses a root-kit they'll need admin rights) that does what the developer intended."
On a platform that defaults to allow such kind of software to run with admin rights because users default to admin rights, perhaps?
"Your telling me Linux prevents that?! If so I'm glad I don't develop for it."
It does not completely prevent it, just makes it more difficult. Nothing can ensure peace of mind, but there are ways to minimize it. Windows has to deal with a lot of badly written software that simply does not know how to run without admin rights, even if it is perfectly possible. What I cannot understand is the second sentence: are you glad developing for a platform that allows users do stupid things?
"Number of major flaws on OSS recently only backs up the theory that malware is targeted for the biggest audience rather than the weakest platform - which would be any platform with the largest number of users who happily install any old crap that comes on a email."
Whatever the reason, you seem to have reliable data on the number of OSS flaws versus other platforms, care to share that evidence? I'll share my evidence. Number of security outbreaks, infections, or any other kind of attacks in 2 Linux home boxes in 8 years:zero. Without running any kind of antivirus or similar security tools. Just the home router firewall, thanks. 8 years without devoting a second of my time, a cycle of my CPU or a byte on my hard disk to protecting me from something that should not be so easy to happen in the first place.
Whatever the reason, fact is, Linux is more secure. I don't care if it is because not popular or because is more secure or probably because both things at the same time. The plain fact is that Linux is more secure.
I'm ready to admit that if you configure Windows properly you can achieve similar levels of security. But that will be at the cost of some software not working properly, some of your machine resources devoted to that, plus the time you need to spend doing it. And yet after all that you'll not be free from things like SMB exploits happening.
"P.S. Now installing Windows 7 on a VM. 15 minutes total install time."
Mmmmm.... interesting, you really should post a YouTube Video of your VM W7 install, I'm sure the world will be shocked to know that you can install on that short time. Again, care to provide proof?
"Better than Linux? Not really. 6 Hours? Get a watch."
No, not really, I was making that number up. Make it 30 mins for the base OS, another 30 mins for Office and 2 and half hours of applying service packs, patches and rebooting. Only 3 and half hours, tops.
Ubuntu comes alive in 45 minutes, patches incuded, with office productivity, mail client, etc, already installed.
Oh, perhaps in your world where everybody who does not think like you is a moron time runs differently. But thanks to you and people with your midnset, Windows will always keep a big market share and the rest of the world will be safe. Please keep using Windows, Linux does not need users like you.
Don't bank online.
AV is shite
There are very few AV products that protect users against trojans or keyloggers. But then what do expect from an industry that can't protect against anything it doesn't already know about. The thing that surprises me is why Symantec et all haven't been sued yet for false advertising. None of them do as they claim, often as not they are beaten by the incredible advanced malware technique of renaming the virus or trojan to something not on a list of names of viruses and trojans. Given the wild and unrealistic claims on the boxes of these products, if there was ever something that deserved to be forcibly taken off the market for false advertising, antivirus software would be it.
I've only found one application that actively guards against malware.. ie. prevents an attack as it happens and doesn't require a hard disk scan to do it. It also finds and removes trojans that most antivirus products won't detect or can't clean from your system. While far from perfect at least it tries to protect the user from themselves in real time, which is more than any other product does, but then PC Tools were always a step above most other software houses.