28 November 2014

Zeus-Carberp mashup Trojan targets banks

29 May 2014  |  4356 views  |  0 Computer virus

A new Trojan that combines elements of the notorious Zeus and Carberp families is targeting hundreds of financial institutions around the world, security researchers are warning.

Trusteer says that the Trojan, which they have dubbed Zberp, seems to have been assembled from the leaked source code of Zeus and Carberp.

The result of the mashup enables cyber-crooks to grab basic information about the infected computer, including the name, IP and more. It can take screen shots and send them to the attacker. It steals data submitted in HTTP forms, user SSL certificates and even FTP and POP account credentials.

The malware also uses evasion techniques that it inherited from both Zeus and Carberp to hide from anti-virus and anti-malware tools.

According to Trusteer, Zberp has been targeting more than 450 financial institutions around the world, mainly in the US, UK and Australia.

Say researchers Martin Korman and Tal Darsan: "Since the source code of the Carberp Trojan was leaked to the public, we had a theory that it won't take cyber criminals too long to combine the Carberp source code with the Zeus code and create an evil monster."

Comments: (0)

Comment on this story (membership required)
Log in to receive notifications when someone posts a comment

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board, sign up now.

Related blogs

Create a blog about this story (membership required)

Related stories

27 June, 2013
08 April, 2013
05 October, 2012
26 March, 2012
07 October, 2011
27 April, 2011
24 March, 2011

Related company news

 

Featured job

to £100k base, commission, benefits
London, UK

Find your next job