ISP interruptions trip up Zeus botnet
But the source of the Zeus banking Trojan is back in action after unidentified agents cut off upstream connectivity to an ISP in Kazakhstan.
The world's largest botnet, Zeus, has had its traffic disrupted by repeated disconnections of a Kazakhstani ISP, but a series of reconnections has revived its banking Trojan activity, according to security researchers.
The botnet mainly pushes out the Zeus banking Trojan, an information-stealing keylogger that relays sensitive data back to its controllers. The Kazakhstani Internet service provider AS Troyak provides network connectivity to six other ISPs that host Zeus botnet command-and-control servers. On Wednesday, the upstream connectivity to AS Troyak was cut by unidentified agents.
This disconnection resulted in the shutdown of 25 percent of the Zeus botnet, said security company ScanSafe, which is part of Cisco Systems.
Read more of "Zeus botnet shaken by ISP cutoffs" at ZDNet UK.