Home Malware Programs Trojans ZeusVM

ZeusVM

Posted: March 6, 2014

Threat Metric

Threat Level: 9/10
Infected PCs: 133
First Seen: March 10, 2014
Last Seen: June 14, 2023
OS(es) Affected: Windows

ZeusVM is a Trojan that spreads to vulnerable computer systems as a configuration file which is hidden as a harmless image. ZeusVM is a new version of the ZeuS banking Trojan that targets financial institutions. ZeusVM is created to retrieve its configuration file from an image. ZeusVM retrieves a JPG image from a server alongside other components. An image is copied from the Internet, but with some additional code attached to it. By using steganography, the attackers have added the malware configuration data to the image without destroying it. The fact that the configuration file is hidden as an image has numerous advantages, involving the fact that the malicious code can avoid security software. A PC user, whose computer is used to host the file would likely not suspect that the image is, in actuality, a part of a malicious operation.

Loading...