Microsoft Combats Zbot Trojan With Removal Tool

Microsoft is stepping up its effort to clamp down on the Zeus botnet with the release of a new detection and removal tool.

The new Windows tool is aimed at getting rid of the Zeus botnet, known as Zbot, which is notorious for targeting banking and other financial institutions.

Zbot comes equipped with malware aimed at accessing bank accounts and stealing financial data. Over the past three years, the Zeus botnet made its name as a password-stealing Trojan designed to access accounts for banking and other Websites. Once it infiltrates a user's computer, the Trojan creates a backdoor that enables access to a user's system while disabling certain security software. It then turns the affected computer into a drone, which then further spreads the malware to other computers via an array of security attacks, including spam, drive-by-downloads and other malware that exploits vulnerabilities.

Microsoft said in a blog post Tuesday that while the banking malware is technically sophisticated, the distribution method is easy for hackers to deploy with automated toolkits.

Zbot infections started to emerge in April 2007, but began to skyrocket in December of 2009 and early 2010, reaching a height of more than than 200,000 in January, according to Microsoft.

Next: Microsoft To Keep Tabs On Zbot

"The family is quite prolific even if the intent behind some of the botnets is unclear. That said, we find ourselves knocking on Zbot's door this month, and we're glad we are," said Matt McCormack, Microsoft researcher, in a blog post Tuesday. "Zbot is the latest addition to MSRT's ever-growing list of malware, and we hope to continue protecting the Windows ecosystem with this new family firmly in our sights."

Microsoft security researchers recommend that users keep their antivirus software up-to-date and install current patches in order to reduce the risk of becoming infected.