The Zeus is loose: Cybercriminal software package goes open-source

Hackers from the French Degenerescience association in a coffeehouse in Lille, northern France, on December 9, 2010.

"Zeus" is basically a software suite for cybercriminals, kind of the Microsoft Office of malware. It lets budding bad guys set up "botnets," secretly turning your computer into a slave, to do their bidding and send back your private information without your knowledge.

Until recently, Zeus cost thousands of dollars on the black market. But this week, the Zeus source code is out there for free -- anyone can download it, use it, improve it.

We talk first with Chet Wisniewski with the security firm Sophos. He says Zeus has let even novice bad guys get more sophisticated, particularly when it comes to skimming information while you're logged in doing online banking. He says now that the ability to run Zeus is free, we can expect more attacks from new cybercriminals getting into the game, but keeping your antivirus software up to date is a worthy defense.

Alex Cox, principal research analyst for NetWitness, points out open-source means open to everybody, including the network security and antivirus firms working to figure it out.

And just why has Zeus flown free? Did the evil genius behind it, and presumably making money from it, himself get hacked? Or is this part of the evil plan? Cox thinks he/they are moving on to bigger and badder things.

Finally, we take a diversion into an odd little development in the bizarre-branch-of-the-technology-family-tree known as electronic cigarettes. E-smokers, unite! (Your packs can soon give you a hand with that.)

About the author

Jeff Horwich is the interim host of Marketplace Morning Report and a sometime-Marketplace reporter.


I agree to American Public Media's Terms and Conditions.
With Generous Support From...

Sustainability Coverage

  • The Kendeda Fund
  • Wealth & Poverty Coverage

  • The Ford Foundation