Supertrojan Supersighs Me

While trying desperately to catch up with some email before flying out for the upcoming AMTSO workshop, I came upon a reference (tip of the hat to Rob Slade) to an article by Loren Grush about a "Supertrojan computer virus".

Despite my inevitable supersighs at terminology that confuses "Trojan" and "virus", this turns out not to be an "end of computing as we know it" hypefest (or a TEOTWAWKI, as Graham Cluley is apt to refer to overblown security stories. A pity, really, as I would have loved to get the chance to describe a Fox as a Chicken Little

In fact, the story turns out to refer to the SpyEye/Zeus hybrid that's been anticipated for many moons, and in particular to a recent story by Brian Krebs on the "merger." (See also SpyEye vs. ZeuS Rivalry for a more rounded view on whether the merger is quite as straightforward as the Fox article suggest.)

By the way, is always worth monitoring if you're interested in security news ahead of the curve, though on this occasion I nearly missed it. (Another tip of the hat, this time to Paul Ferguson.)

Zeus-associated malware (and that includes SpyEye and "SpyZeuS") isn't supernaturally difficult to detect. It is, however, pretty adaptive and has introduced, from time to time, some innovative counter-detection techniques. Current developments certainly don't suggest that that is likely to change, even if the name does. In fact, a more recent story by Brian Krebs indicates a likelihood of more Zeus-associated malcode to come.

But the sky is not falling.

ESET Senior Research Fellow

Author David Harley, ESET

Follow us

Copyright © 2017 ESET, All Rights Reserved.