Windows users surrender to their botnet God, the Zeus Trojan

Summary: The Zeus epidemic grows whilst a virus initially targeting Windows-based Siemens systems spreads widely

IN THE MONTH of July we wrote more than half a dozen posts (e.g. [1, 2, 3, 4, 5]) about Siemens problems that were caused by Windows malware (Stuxnet). Based on this new report, the infections continue to rise.

Stuxnet infections are continuing to rise with the total number of infected systems worldwide currently between 90,000 and 100,000, according to security vendor Symantec.

In an e-mail interview Thursday, Kevin Hogan, senior director for Symantec Security Response, noted that the company has observed "a consistent number of infections" since the malware was first detected last month. The number of infected countries, he added, now stands at 115.

[...]

The virus was initially written to steal data from critical infrastructure companies by specifically targeting Scada (supervisory control and data acquisition) systems running Siemens' WinCC software.

More here:

Trend Micro has uncovered a variant of the Zeus Trojan using an expired digital certificate belonging to Kaspersky Lab, while the Stuxnet malware is known to have used certificates stolen from legitimate companies.

They can only detect about 10% of the former:

Trend said it informed Kaspersky of the certificate issue. The problem again shows the lengths to which Zeus creators go to keep the malware undetectable. Experts at the security company Trusteer said security software suites are often only able to detected about 10 percent of the active Zeus variants circulating.

Just how big is this problem then? Last night we showed that Windows is less secure than ever. ⬆