ZeuS tracker shrinks takedowns from days to minutes
Search and destroy
A site dedicated to tracking the infamous ZeuS botnet is celebrating its first birthday.
In the twelve months since the ZeuS Tracker was born, on 2 February 2009, the site has tracked more then 2,800 malicious botnet command and control servers associated with ZeuS. The site has logged around 360MB ZeuS config files and 330MB in binaries.
Thanks to the work of the volunteers and security consultancies, such as Team Cymru, that have contributed to the project, a ZeuS control hub can sometimes be taken down in minutes. Local CERTs, registrars and ISPs subscribe to the list compiled by ZeuS tracker to identify and take-down suspect domains.
More recently, ZeuS Tracker data has been integrated into the suspect blocklist of commercial products, as explained in a post celebrating the anniversary of the ZeuS tracker on abuse.ch here.
The ZeuS family of malware threats collectively make up the nastiest and most prolific banking Trojans doing the rounds. Fraudsters behind ZeuS variants are pushing the bounds of malware malfeasance.
For example, variants of Zeus were caught using the popular Amazon EC2 service as a command and control channel for communication with infected drones back in December. ®