“With the source code in the wild it’s likely we’ll see an increase in attacks since lots of potential criminals might have been lacking both financials and trustworthiness to obtain their own license of this kit. The code can easily be modified and even improved in functionality,” Kruse said in an email interview.
“We believe this will be used as both inspiration for new and complex banking Trojan variants as well as abused in future attacks. But the availability of the Zeus source code not only will likely wipe out the market for Zeus licenses, but will make the kit available to a different class of attacker. The kit itself can be quite expensive to buy, and researchers say that it can sell for roughly $5,000. Zeus has been sold in the criminal underground for several years now and versions of its have been found to be part of a number of targeted attacks. We even compiled it in our lab and it works like a charm,” Kruse wrote in a blog post. We already collected several addresses from where it is being distributed in aĬompressed zip archive. To the masses on several underground forums as well as through other channels. “This weekend we found the complete source code for this crime kit being leaked The Zeus exploit kit is perhaps the most well-known kit of its kind right now, and has been used by a variety of attackers for numerous malware campaigns and targeted attacks.ĭanish security firm CSIS saw copies of the Zeus source code appear on underground forums in the last few days and took the time to download and compile the code. Security researchers over the weekend noticed that files that appeared to contain the source code for the Zeus crimeware kit were starting to pop up on various forums frequented by attackers and cybercriminals. The source code to the infamous Zeus crimeware kit, which has been sold on underground forums for years, has been leaked and is now available for anyone to see if they know where to look.