What is the Zeus trojan?

Zeus (also known as ZeuS, or Zbot) has been around since 2006 and is the most widespread banking trojan, having infected tens of millions of computers. The malware is available as a toolkit, so hackers can use the source code to build their own variants.

Once a computer is infected, the ZeuS virus can automatically collect passwords from a Protected Storage, and even take control of your PC to download files, shut down, reboot, or delete system files, causing your computer to crash.

However, hackers most commonly use it to monitor targeted websites, add fields that weren’t originally there, and steal your information. For example, instead of your username and password, you may be asked for your phone number, date of birth, and other sensitive data which could eventually lead to account theft.

Who is the Zeus trojan targeting?

Anyone using a Windows PC can become a victim. Even with up-to-date antivirus software, this type of malware can be difficult to detect. Tens of millions of PCs have been infected with Zeus, or different versions of it.

Since its first development, Zbot has been used to steal information from the US Department of Transportation, The Bank of America, NASA, and private companies like Monster.com, ABC, Oracle, Cisco, and Amazon.

Where does the Zeus trojan come from?

The Zeus virus can make its way to your computer through spam emails or compromised websites. Emails often appear to be sent from legitimate sources — Starbucks inviting you to a special event, Facebook or LinkedIn asking you to log in to accept a friend request, or your bank claiming someone has made a payment in your name, and inviting you to download an executable file to cancel it.

How to recognize the Zeus trojan

Because hackers can code their own Zeus trojans and use stealth techniques to hide them, new variants can be difficult to detect. Random headers, different file extensions and changes to the malware’s encryption help disguise Zbots as legitimate applications.

Once your computer is infected, the virus remains dormant until you visit one of the targeted websites. That’s when the trojan adds extra fields, asking for your personal details. The information is then sent to remote URLs via HTTP POST, and often sold on the black market.

How to remove the Zeus trojan

Avast Antivirus is able to locate and remove any type of Zeus malware. If the virus is detected on your PC, Avast will send it to the Virus Chest, and then you can safely delete it. It’s not necessary, but it’s recommended that you go offline first.

How to prevent the Zeus trojan

Zeus malware most commonly spreads through spam emails and phishing scams. Keep in mind that that many of these messages might look like they’re coming from trusted sources. A little bit of caution can help prevent Zeus malware from infecting your PC.

  • keep your antivirus up-to-date
  • use Internet protection that helps you avoid spam and fake websites
  • run regular scans to detect suspicious files on your PC
  • avoid spam and misleading messages on social media networks
  • don’t click on suspicious links
  • don’t download unlicensed or unknown software
Use anti-malware to protect yourself

To keep your files and personal details safe from hackers, it is vital to use an up-to-date antivirus. Avast Free Antivirus offers essential protection from all types of malware, while Avast Internet Security offers additional features to help you avoid fake websites and spam emails.

Why Avast?
  • Consistently rated “excellent” by industry experts
  • Trusted by 400 million people worldwide
  • It’s the "Antivirus with the lowest impact on PC performance” (AV comparatives)
  • Best features - unbreakable password security, home network protection, browser cleaning and much more
  • All for FREE
FREE DOWNLOAD