Configuring Zeus: A case study of online crime target selection and knowledge transmission
Accepted version
Peer-reviewed
Repository URI
Repository DOI
Change log
Authors
Abstract
Abstract—Zeus is a well-known and effective family of ‘man-in-the-browser’ malware. This qualitative case study analyses posts in online cybercrime forums that discuss Zeus configuration. Online cybercriminals were found to share, sell, steal, and trade configuration files. The discussions and advertisements on the forums, which span four years, were found to evolve with market conditions and externalities, including Zeus being offered as a subscription service. The release of tools to decrypt configuration files by security researchers was also closely followed on the forums, and assisted offenders when it came to stealing configuration files from others.
Description
Keywords
46 Information and Computing Sciences, 4402 Criminology, 44 Human Society, 16 Peace, Justice and Strong Institutions
Journal Title
eCrime Researchers Summit, eCrime
Conference Name
Journal ISSN
2159-1237
2159-1245
2159-1245
Volume Title
Publisher
IEEE
Publisher DOI
Sponsorship
Engineering and Physical Sciences Research Council (EP/M020320/1)
This work was supported by the Department of Homeland Security (DHS) Science and Technology Directorate, Cyber Security Division (DHSS&T/CSD) Broad Agency Announce- ment 11.02, the Government of Australia and SPAWAR Systems Center Pacific [contract number N66001-13-C-0131] (to 30 September 2016); and the UK Engineering and Physical Sciences Research Council (EPSRC) [grant EP/M020320/1] for the University of Cambridge, Cambridge Cybercrime Centre (from 1 October 2016).