In association with heise online

17 March 2010, 09:34

Botnet with integrated copy protection

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The current version of the ZeuS botnet uses classical copy protection mechanisms to prevent the use of unlicensed pirate copies. ZeuS is a malware toolkit used, for instance, to steal online banking data. The basic version currently costs about $3,000 to $4,000.

Security firm SecureWorks has discovered that the ZeuS server only works with a system specific key. Similar to the Windows OS, the malware creates a kind of fingerprint of the respective hardware configuration when first started. The vendor then provides the user with a personalised licence key for this configuration.

The ZeuS server is responsible for controlling the botnet. It communicates with the infected computers – the bots –, it receives the data they provide and issues commands, etc. The client software injected on victims' systems of course does not require a licence key. Extensive division of labour has existed in the malware scene for some time. Many gangs use the professional ZeuS software which is modular and can – for a fee – be extended to include, for instance, different Windows versions or browsers. By using a licence management system, the product has reached a new level of professionalism.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit