Zeus, often referred to as Zbot, is Trojan horse computer malware that runs on computers running under versions of the Microsoft Windows operating system. A Trojan Horse is computer programming that appears to be legitimate and harmless, but actually hides an attack.
While it is capable of being used to carry out many malicious and criminal tasks, it is often used to steal banking information by man-in-the-browser keystroke logging and form grabbing. It can also used to install the CryptoLocker ransomware.
Once a Zeus Trojan infects a machine, it remains dormant until the end user visits a Web page with a form to fill out. The user might be asked to fill in a form with specific information for "security reasons."
Zeus is spread mainly through drive-by downloads and phishing schemes. First identified in July 2007 when it was used to steal information from the United States Department of Transportation, it became more widespread in March 2009. In June 2009 security company Prevx discovered that Zeus had compromised more than 74,000 FTP accounts on websites of such companies as the Bank of America, NASA, Monster.com, ABC, Oracle, Play.com, Cisco, Amazon, and BusinessWeek.
Zeus is traded on the black market, with a basic package costing about $3,000. Various module add-ons can bump the price up to as much as $10,000.
Because Zeus is so adaptable, they are often missed by anti-virus software applications.This has led to the Zeus malware family becoming the largest botnet on the Internet - about 3.6 million PCs are thought to be infected in the US alone. Security experts advise users not to click on hostile or suspicious links in emails or websites, and to keep antivirus protection up to date.