Welcome to Antisource

This site brings to you a consolidation of malware articles and alerts, as well as the antimalware solutions to fix and block it all. Please read our About page for more information.

ZeuS

Sunday, February 07, 2010
Author: Richard S. Westmoreland
Permalink: zeus-botnet-summary
Network Defense


ZeuS is a nasty infection to have.

Here is a very generic summary of ZeuS and its origins:

Zeus (also known as Zbot, PRG, Wsnpoem and Gorhax) is a Trojan horse that steals banking information by keystroke logging. Zeus is spread mainly through drive-by downloads and phishing schemes. First identified in July 2007 when it was used to steal information from the United States Department of Transportation, it became more widespread in March 2009. In June 2009, security company Prevx discovered that Zeus had compromised over 74,000 FTP accounts on websites of such companies as the Bank of America, NASA, Monster, ABC, Oracle, Cisco, Amazon, and BusinessWeek.

http://en.wikipedia.org/wiki/Zeus_%28trojan_horse%29

This trojan has many variants, many botnets (each owned by different groups), and many vectors of attack. It started out as a Do-It-Yourself kit, purchased and modified with its own features. Some of the more common variants are easier to recognize, but some compromises are very stealthy targeted attacks. The polymorphic nature of ZeuS can be seen over the years:


Conficker, an April Fool's joke?

Tuesday, March 31, 2009
Author: Richard S. Westmoreland
Permalink: conficker-april-panic
Virus Alerts


There has been a lot of anxiety about what will happen on April 1st. Typically, you pull a prank on a co-worker. This year, a virus will do... something. Maybe.

A Conficker variant, also known as Downadup or Kido, is scheduled to alter its activity tomorrow.

I recommend reading up on what Conficker is, what it does, and what people are guessing it will do. A good start is the SANS diary:

http://isc.sans.org/diary.html?storyid=6043

A really good timeline is posted here:

http://lastwatchdog.com/evolution-conficker-globe-spanning-worm/

And a rather amusing FAQ about the virus is here:

http://www.f-secure.com/weblog/archives/00001636.html


How to really crack security...

Saturday, March 14, 2009
Author: Richard S. Westmoreland
Permalink: xkcd-security-comic
General News


I came across this xkcd comic, and although it's humorously exaggerated, it does demonstrate the quickest way to bypass security:



This is a case of social engineering being much more effective than brute forcing the security in place. :)

Original comic found here: http://xkcd.com/538/
  
