ZeuS Lets Anyone Become an Online Thief

ZeuS seemed like just another nasty program designed to clean out bank accounts. Turns out it’s the building block of a new cybercrime economy — one that was simultaneously more lucrative, more democratized, and more professional than anything online crooks had done before.
This image may contain Graphics Art and Pattern

If you buy something using links in our stories, we may earn a commission. This helps support our journalism. Learn more. Please also consider subscribing to WIRED

When cybersecurity researchers discovered ZeuS in 2007, it seemed like just another nasty program designed to clean out bank accounts. Turns out ZeuS was the building block of a new cybercrime economy—one that was simultaneously more lucrative, more democratized, and more professional than anything online crooks had done before.

ZeuS allows would-be robbers to custom-build their crimeware. In a few clicks, they can choose which banks they want to hit, which scams to use to snare customers, and which method to employ to harvest all those account numbers and passwords. That, in turn, opens up the online heist racket to a whole new criminal demographic—advanced skills no longer required. If you can set up a web server, you can rob someone over the Internet. Just as Amazon web services made it easy to start a cloud-based company, ZeuS lets anyone become an online thief.

At first ZeuS was on the expensive side, with a basic setup running about $5,000. Then, in 2011, the source code was published online and the price dropped to as little as $200. Meanwhile, crooks began adapting the crimeware kit, making it much nastier. They upgraded ZeuS variants with domain-generation algorithms, which made it tough for authorities to take down ZeuS servers. Then they did away with those C&C servers altogether, turning ZeuS into a peer-to-peer system.

Should you need help, there’s a sophisticated and growing market of cybercrime entrepreneurs waiting to assist you. Botnets—chains of millions of infected computers—are available to rent for as little as $2 an hour. A basic denial-of-service attack? $30 to $50 a day. Infecting a single machine? As little as 7 cents, provided you buy in bulk. “Really, what we’re seeing is crime as a service,” says Jeff Williams of Dell Secure Works. “It’s copy-and-paste crime.”

Today millions of machines are believed to have been compromised by ZeuS and its progeny. An estimated half a billion dollars in damages has been accrued. And the heists are only getting easier to pull off. Who knows how many criminals just got themselves a new botnet while you were reading this?

[

Wired 01.01](https://www.hyzs518.com/magazine/2013/04/wired0101/) [

Dreams](https://www.hyzs518.com/magazine/2013/04/dreams/) [

Titans](https://www.hyzs518.com/magazine/2013/04/platon/)