Threat Database Trojans Zberp Trojan

Zberp Trojan

By GoldSparrow in Trojans

Threat Scorecard

Threat Level: 90 % (High)
Infected Computers: 4
First Seen: May 23, 2014
Last Seen: July 1, 2022
OS(es) Affected: Windows

The Zberp Trojan is a threat that was recently discovered after the Zberp Trojan was used to attack nearly five hundred banks and financial institutions all around the world, most in English speaking countries. The Zberp Trojan is just one more variant of the infamous Zeus Trojan. However, the Zberp Trojan integrates features from Carberp, a Trojan family with strong self-defense capabilities. Combining the two names has resulted in the name 'Zberp Trojan.' In fact, analyzing the Zberp Trojan's code makes it clear that the Zberp Trojan was assembled by combining the source code of Zeus and Carberp, which were leaked in 2011 and 2013 respectively. The Zberp Trojan has been linked to the Andromeda botnet, and the Zberp Trojan is starting to circulate. Fortunately, PC security researchers had already anticipated that ill-minded persons would combine both threat families after their respective codes were leaked to the public.

The Zberp Trojan may be as Threatening as the Zeus Trojan

The Zberp Trojan is a variant of the Zeus VM Trojan. The Zberp Trojan may allow a third party to gather data from your computer. The Zberp Trojan may take screen shots of your computer and track your keystrokes, sending this data to a third party. The Zberp Trojan also monitors your online activity and collects data entered into online forms, including credentials for FTP and POP. It may be possible to append additional features to the Zberp Trojan that may be used for more sophisticated, large-scale attacks.

The Zberp Trojan may protect itself and evade detection and removal using a variety of techniques. These include invisible persistence (allowing the Zberp Trojan to remain on your computer even when the anti-virus scan occurs after start-up). The Zberp Trojan also uses steganography to hide its configuration code in an image file, allowing the Zberp Trojan to bypass detection and remain on your computer undetected. The Zberp Trojan also may have the ability to tamper with your security software, interfering with your computer's security protection to protect itself. Update your security software immediately to protect your computer from the Zberp Trojan.


Most Viewed