Normally, it’s the initial release of malware that has security experts worried, but the free availability of tools to make the ZeusVM banking Trojan could send some firms into a panic.

Source code for the builder of ZeusVM — also known as KINS — as well as its control panel has been online since last month, according to MalwareMustDie!, a blog run by a security research organization of the same name. The binary generated by the builder that was leaked on the Internet is a newer version of the botnet-making tool.

As Computerworld pointed out, anything that helps cybercriminals make their own variant on the ZeusVM malware is a major concern, given its track record of stealing online financial credentials and other sensitive information. Provided they know how to alter the connectivity features of the Trojan’s command-and-control (C&C) server settings or browser URL settings, cybercriminals could create a powerful new weapon.

It’s possible law enforcement authorities or other officials could take down the leaked files, but as The Register suggested, it may already be too late to avoid what it described as a possible “bot-geddon,” or a huge wave of malware based on ZeusVM. Increased awareness among CISOs and their teams may be the only course of action, encouraging banks and other enterprises to be particularly vigilant in their monitoring for new attacks.

Already, at least six new botnets based on ZeusVM have been identified since the leak, SC Magazine reported, and version 3.0 of the malware is reasonably affordable for criminal collectives at a price point of $5,000 on the black market. Before the summer is over, it’s reasonable to expect the number of related threats could increase sharply, given that cybercriminals will probably take note of the news, as well.

Beyond looking over their shoulder, IT departments and security experts may want to study the ZeusVM data leak to see if they could use the information to build their own protection mechanisms. Videos embedded in a Softpedia post showed details on how malware would be hidden inside an encrypted JPEG file as well as an overview for building KINS botnets. It could be a race between malicious attackers and CISOs to see who makes the best use of this information first.

More from

Vulnerability resolution enhanced by integrations

2 min read - Why speed is of the essence in today's cybersecurity landscape? How are you quickly achieving vulnerability resolution?Identifying vulnerabilities should be part of the daily process within an organization. It's an important piece of maintaining an organization’s security posture. However, the complicated nature of modern technologies — and the pace of change — often make vulnerability management a challenging task.In the past, many organizations had to support manual integration work to get different security systems to ‘talk’ to each other. As…

How I got started: SIEM engineer

2 min read - As careers in cybersecurity become increasingly more specialized, Security Information and Event Management (SIEM) engineers are playing a more prominent role. These professionals are like forensic specialists but are also on the front lines protecting sensitive information from the relentless onslaught of cyber threats. SIEM engineers meticulously monitor, analyze and manage security events and incidents within an organization. They leverage SIEM tools to aggregate and correlate data, enabling them to detect anomalies, identify potential threats and respond swiftly to security…

Tequila OS 2.0: The first forensic Linux distribution in Latin America

3 min read - Incident response teams are stretched thin, and the threats are only intensifying. But new tools are helping bridge the gap for cybersecurity pros in Latin America.IBM Security X-Force Threat Intelligence Index 2023 found that 12% of the security incidents X-force responded to were in Latin America. In comparison, 31% were in the Asia-Pacific, followed by Europe with 28%, North America with 25% and the Middle East with 4%. In the Latin American region, Brazil had 67% of incidents that X-Force…

Cost of a data breach 2023: Geographical breakdowns

4 min read - Data breaches can occur anywhere in the world, but they are historically more common in specific countries. Typically, countries with high internet usage and digital services are more prone to data breaches. To that end, IBM’s Cost of a Data Breach Report 2023 looked at 553 organizations of various sizes across 16 countries and geographic regions, and 17 industries. In the report, the top five costs of a data breach by country or region (measured in USD millions) for 2023…