The advantages of open source software are taking on a new twist as researchers discover new variants of the Zeus malware that enhance its original functionality.

Zeus is a particularly nasty Trojan that specializes in stealing bank credentials and hijacking banking transactions in real-time. Used widely by cybercriminals, it is difficult to eliminate and poses a significant threat to both businesses and online-banking users

Starting from the available source code, cybercriminals are modifying the code to make the malicious software better at evading security software, as well as enhancing it to make it harder for researchers to determine the command-and-control servers that the malware relies on.

According to Aviv Raff, CTO and co-founder of Seculert, this includes attempts to obfuscate the configuration file used by the malware, by requiring a specific key in order to download it. 

Kaspersky Lab expert Jorge Mieres observed in a blog post: "It is clear that from now on, more new crimeware will be based on ZeuS code. New developers, hoping to profit from cybercrime, will attempt to create their own new alternatives based on this source."

With some of these banking Trojans costing up to $10,000, it is highly unlikely that development of more sophisticated malware will cease anytime soon.

For more:
- check out this article at PCWorld
- check out this article at CIO

Related Articles:
Know your hackers, from Anonymous to Zeus
Evidence of Zeus Trojan found in majority of Fortune 500 companies
Crackdown on Zeus banking scam unearths massive cybercrime outfit