Source: Help Net Security
In this article “ThreatMetrix Labs came across a new variant of the P2P version of the Zeus Trojan. One of the main changes to this variant is the way it encrypts its configuration file – which make all automatic detection routines fail to recognize the Trojan.
“Today’s cybercriminals are rapidly evolving to surpass some of the most advanced malware and cybercrime automatic detection routines,” said Andreas Baumhof, CTO at ThreatMetrix. “The latest Zeus variant catches victims off-guard by waiting to attack until after a website’s login page appears to be functioning normally. After the victim logs in, the Zeus Trojan attempts to steal confidential information.”