It seems that files very similar to what has been called the Zeus cybercrime toolkit have appeared in some underground forums and are available for purchase.
The whole sales announcement and process has been set up by someone nicknamed IOO and it is supported by screenshots of portions of ZeuS code. IOO is not very restrictive when it comes to payments, paying for Zeus can be easily settled via any escrow services and more information can be offered via CIQ or Jabber.
The presented screenshots make reference to peinfector.cpp, the ZeuS project known as “Murofet”. Security researchers – while unable to verify the sale is genuine – are taking the potential offer seriously.
“Prior to this there were several rumors that the Zeus/Zbot code was sold to the creator of SpyEye,” writes Peter Kruse, an eCrime specialist who works for Danish security consultancy CSIS Security.”This is also currently unconfirmed – however what is certain is the fact that someone besides the author of the ZeuS/Zbot has access to the code.”
ZeuS is basically a cybercrime toolkit that allows cyber-crooks without any coding skills to develop banking Trojans. Crooks may purchase licenses for the use of this tool via underground forums. These enable them to develop keystroke logging tools that capture back login credentials before they are uploaded.
Last October, an announcement by the FBI told of the bringing down of a cyrbercrime ring, which with the help of Zeus, managed to steal $70 million. 5 Ukrainians suspected to be in charge have been arrested. The identity of the creator of Zeus is still a mystery.