Who and where will the Zeus Trojan strike next?

Hold onto your hats. A new version of the Zeus trojan, called Zeus3, has wreaked havoc on thousands of bank accounts worldwide, stealing just over $1 million. The best part? There’s pretty much no way to detect the trojan if it’s on your system. Hooray for humanity, right?

The trojan first popped up last month, and has drained more than 3,000 bank accounts.

M86 Security, the first group to discover the trojan, says:

We’ve never seen such a sophisticated and dangerous threat. Always check your balance and have a good idea of what it is.

The last thing you want to do is hear a bank account-draining sophisticated trojan.

Oh, it only affects Windows systems. But you knew that already.

The scariest part is that the trojan, after clear out your bank account, serves up a fake bank statement page. It looks like you have all of your money, but you actually have $50 left in your entire account.

Again, no current anti-malware software can detect the trojan, so for the time being you’re on your on.

I suggest we all stop using the Internet to be safe. An overreaction? Yes, obviously, but this actually sounds like a nasty bit of malware.


But there’s more. It looks like it ONLY affects british accounts. More than likely it only affects IE browsers as well, the trojan is a browser plugin.

The bad news is that the East European-controlled botnet that controls the malware drives a real-time plug-in within the users’ web browser and, when infected, the users PC quietly checks for a balance on the account the user is accessing.

Then, if the balance is higher than 800 euro or its local currency equivalent, the malware initiates a transfer to a mule account.