Zbot Malware: Description, Prevalence, and Mitigation Techniques
Added on 2022/08/25
AI Summary
This report provides a comprehensive analysis of the Zbot malware, also known as Zeus, a Trojan horse that has significantly impacted computer and network security since its emergence in 2007. The report details the malware's functionality, including its use of man-in-the-browser technology to steal sensitive information like banking credentials, and its stealth techniques that allow it to evade detection by traditional antivirus software. It highlights the prevalence of Zbot, citing its compromise of millions of computers and its successful attacks on major companies and government entities. The report also explores mitigation strategies, emphasizing the importance of proactive measures such as avoiding suspicious links and the use of advanced antivirus software like Norton and McAfee. It underscores the need for constant vigilance and the adoption of robust security practices to protect against the evolving threat of Zbot and similar malware.

Running head: COMPUTER AND NETWORK SECURITY
Computer and Network Security
Name of the Student:
Name of the University:
Author note:
Table of Contents
Introduction
Description of the malware
Prevalence of Zbot
Mitigation software
Conclusion
References
Introduction:
With the advancement of technology, information systems have taken a huge leap forward.
As information systems have developed, so have the skills of hackers. Viruses and malware,
which are advanced pieces of program code, are prevalent in contemporary information
systems. This report discusses one such virus known as Zeus or Zbot, a malware that affects
information technology (O’Meara et al. 2016). It is a Trojan horse malware package that needs
Microsoft Windows to run. The package was first identified in 2007 and since then it has spread
widely across the United States. The following report addresses Zbot in detail.
Description of the malware:
Zbot, also written Zeus or ZeuS, is a version of the Trojan virus that was first identified in
2007. Zbot has multiple uses, and the one with the greatest impact is malicious attacks. The
attack is usually carried out to collect information from bank accounts using man-in-the-browser
logging. Man-in-the-browser is a kind of man-in-the-middle attack in which the attacker
pretends to be the genuine receiver or sender and modifies the details that are transferred.
One of the greatest examples of information theft was the stealing of data from the United
States transport department, which led to the identification of Zbot (Etaher, Weir and Alazab
2015).
Zeus, or Zbot, is not easily detected. According to studies, even modern antivirus programs
are incapable of detecting Zbot. It uses stealth techniques to hide itself from antivirus
software. In 2009 in the United States of America, as many as 3.6 million personal computers
were compromised by it. The attacks originated with the use of
malicious websites and links sent by the hackers to systems containing important data that is
sensitive in nature. The initial purpose of the design was gathering information; later it was
developed so that it could make changes to systems and install a ransomware known as
Crypto-Locker. This remained undetected till 2013.
Prevalence of Zbot:
In June 2009, the effect of the malware was first detected, and since then it has spread
widely across the country. The United States Department of Transportation database of
customer details was hacked and the information was stolen. An anti-malware company, which
no longer exists, detected that the malware had successfully compromised numerous companies,
including giants like NASA, Bank of America, Monster.com, Oracle, Amazon and many more
(Kumar, Mishra and Panda 2016). The victims are tricked through technical support scams,
which result in the hacking of the system. Programs such as the command prompt and Event
Viewer were used to make the victim believe that the computer or the network was actually
affected by viruses.
Mitigation software:
Once the malware has been detected in the system, it has to be prevented at any cost.
Zbot not only steals data, it can also alter program code, which in turn leads to loss of
data in the system. Common antivirus programs cannot detect the malware due to its stealth
technology. Even so, some precautions can be taken to prevent attacks by this malware.
It is recommended that business organizations and banking services should not open
suspicious links sent to their servers, as they may act as the source of attacks. One of the best
antivirus products for Zbot is Norton. It does not raise false flags and detects the virus
correctly. The backup is generated correctly and stored in the cloud so that it can be retrieved
if data is lost.
It has been effective in performing its job, as many attacks have been prevented through
the use of this antivirus. Apart from this, McAfee is also effective in removing viruses and
malware such as Zbot from the system.
For virus detection and removal, the software is installed from the internet via Google
Chrome. Once it is installed correctly, the software is run on the system. It scans the entire
system looking for breaches and malware (Patil 2018). Once the scanning is completed, the
removal process begins. It takes some time to scan and remove the issues.
Conclusion:
Hence, it can be said that Zbot, a Trojan, is one of the most disastrous viruses, and due
to its stealth mode it is not detected by the system without deep scanning. Although
technology has given rise to these viruses, it has also developed antivirus software like
Norton and McAfee to prevent them from causing harm to the data in the system.
References:
Etaher, N., Weir, G.R. and Alazab, M., 2015, August. From zeus to zitmo: Trends in banking
malware. In 2015 IEEE Trustcom/BigDataSE/ISPA (Vol. 1, pp. 1386-1391). IEEE.
Kumar, M., Mishra, B.K. and Panda, T.C., 2016. Predator-prey models on interaction between
computer worms, Trojan horse and antivirus software inside a computer system. International
Journal of Security and its Applications, 10(1), pp.173-190.
O’Meara, K., Shick, D., Spring, J. and Stoner, E., 2016. Malware capability development
patterns respond to defenses: Two case studies. White Paper, Software Engineering Institute,
Carnegie Mellon University.
Patil, S.S., 2018. Study of managing antivirus tools used for personal computers in Pune city.