ZeuS set to proliferate as entire source code goes online

Security experts are warning of an increase in ZeuS-related attacks after discovering that the entire source code for the notorious crime kit has been leaked online.

Peter Kruse, a partner at security consultancy CSIS Security Group, made the revelations in a blog post, saying that the kit had been posted on several underground forums and "other channels".

"We can hereby confirm that the complete ZeuS/Zbot source code is freely available for inspection, inspiration or perhaps to be compiled and used in future attacks," he wrote.

"With the release and leakage of the source code the ZeuS/Zbot could easily become even more widespread and an even bigger threat than it already is today."

The ready availability of do-it-yourself crimeware kits has democratised the means to launch and craft malicious attacks, and led to an explosion in the amount of malware currently circulating the web.

ZeuS/Zbot is already one of the most widespread and successful information stealing Trojans around, and this latest discovery makes it even more important to practice good security.

This certainly involves being up to date with system patches, having the correct security software defences in place and following industry guidelines where appropriate.

But it also crucially requires educating employees to ensure that they don't fall for the social engineering techniques often used to trick people into clicking on malicious links or opening intriguing attachments, thereby triggering the malware download.