Zbot Trojan Slips by Many Anti-Virus Applications

The Trojan Zbot, known as a banking Trojan that gives remote attackers access to an infected computer, has been discovered to evade most antivirus detection programs.

Zbot Trojan, or known as Zeus, has been around since the year 2006 where it was spread through spam messages that claimed to be a Microsoft Outlook critical update. A new study, taken place just recently of 10,000 computers infected with Zbot that had a majority running an up-to-date antivirus program, revealed that the antivirus programs only detected Zbot about 23 percent of the time.

In the study conducted by Trusteer, a security research firm, it was determined that no specific antivirus application had an advantage over one another in detecting and removing Zbot. Basically, Zbot is able to evade antivirus programs 77 percent of the time.

Security researchers believe that Zbot is able to go undetected because it uses a sophisticated morphing and rootkit method that allows it to penetrate deep into an operating system. It has been noted that we are seeing a rising number of parasites that use rootkit tactics to mask themselves or hide from security programs.

Although this study conducted does not verify that all parasites that use rootkit tactics will go undetected by security programs, it reemphasizes how hackers are developing more intelligent ways to spread infections.

Do you feel that hackers have an advantage over the makers of security programs such as antivirus applications?