ZeusVM is a Trojan that circulates to compromised PCs as a configuration file which is covered as a safe image. ZeusVM is a new variation of the banking Trojan known as ZeuS that attacks financial institutions. ZeusVM is generated to retrieve its configuration file from an image. ZeusVM retrieves a JPG image from a server alongside other components. An image is copied from the Internet, but with some additional code added into it. Through the use of steganography, the cybercrooks have added the malware configuration data to the image without making any harm to it. The fact that the configuration file is covered as an image has a variety of advantages, incorporating the fact that the malevolent code can evade security tools. A computer user, whose PC is used for hosting the file would likely not suspect that the image is, in fact, a component of an infectious operation.
This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.