Trojan borrows Windows functionality

The latest version of Zeus Trojan introduces a hardware-based product activation scheme similar to what's found in Microsoft Windows operating system.

The new feature is designed to prevent so called "casual copying" by ensuring that only one computer can run a licensed version of the program. So, after installation, users must use a key that's good for just that one machine. According to an analysis of Zeus, this is the first time that someone uses this level of control for malware. Zeus creators have borrowed some other features from Microsoft so the price of the package depends on capabilities it offers. For example, a module that grabs data out of fields in Firefox costs an extra $2,000, and a VNC (eng. virtual network computing) module that allows users to establish a connection to an infected computer costs $10,000. The VNC functionality allows criminals to bypass some of the most advanced security measures, such as smartcards. Anti-virus programs deployed some new methods for Zeus detection so creators are planning to develop of new version that offers polymorphic encryption. It allows the Trojan to re-encrypt itself each time it infects a victim, giving each instance unique digital fingerprint. Original story can be found on The Register web site.