All the latest UK technology news, reviews and analysis

Zeus retains botnet crown, according to McAfee

29 Mar 2013
security risk management

Zeus malware continues to be a scourge on users, with researchers reporting it remains the most popular botnet family on the web, years after it first emerged.

McAfee reported that the financially-oriented malware was by far the largest botnet on the web, claiming some 57 percent of botnet infections the company logged thus far in 2013. According to McAfee, Zeus and its variants account for some 57.9 percent of all botnet infections. No other botnet on the list logged more than a nine percent share.

Following its first major outbreaks in 2009, the Zeus malware has long been a thorn in the side of the cybersecurity community.

Renowned for its ability to operate without alerting users, Zeus infections reside locally on the victim's PC and inject code directly into browser before a page is displayed. This allows Zeus variants to add data input fields or redirect transmissions from an otherwise legitimate website.

According to McAfee researcher Neeraj Thakar, the polymorphic nature of Zeus, which allows the malware to constantly change its own code, makes detecting the malware's signature all but impossible in the wild.

"Bot masters have become so advanced and organised that they can churn out thousands of undetectable and unique malware binaries each day," Thakar wrote.

"That coupled with the ability to rapidly change the control-server hosting infrastructure allows them to stay active longer without being taken down."

The spread of Zeus continues despite efforts by security vendors to remove the various botnets built on the platform. Microsoft recently sued two men in the UK over their involvement in Zeus botnets.

Still, McAfee estimates that as many as 37 percent of the 8.5 million malware payloads it has analysed this year are linked to known botnets, largely variants on Zeus.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Shaun Nichols

Shaun Nichols is the US correspondent for He has been with the company since 2006, originally joining as a news intern at the site's San Francisco offices.

More on Security
What do you think?
blog comments powered by Disqus

Windows 10 poll

What are your first impressions of Windows 10?

Popular Threads

Powered by Disqus
V3 Sungard roundtable event - Cloud computing security reliability and scalability discussion

CIOs debate how to overhaul businesses for the digital era

V3 hosts roundtable with Sungard Availability Services

Updating your subscription status Loading

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button

Getting started with virtualisation

Virtualisation can help you reduce costs, improve application availability, and simplify IT
management. However, getting started can be challenging


Converting big data and analytics insights into results

Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes

IS Systems Support Engineer

Systems Support Engineer, Belfast Area Hays IT, Belfast...

Senior .NET Developer REST C# ASP.NET Web API Finance London

Senior .NET Developer (REST C# MVC ASP.NET Web API RESTful...

Testing analyst

Test Analyst/QA Analyst/Software Tester - Belfast- circa...

Lead .NET Developer ASP.NET Web API C# REST MVC Finance London

Lead .NET Developer (Development Team Leader REST C...
To send to more than one email address, simply separate each address with a comma.