UK police make Zeus Trojan arrests

Two people were arrested in Manchester earlier this month on suspicion of distributing the Zeus banking Trojan

The Metropolitan Police Central e-Crime Unit made two arrests earlier this month for suspected use of the Zeus Trojan.

A man and a woman, both 20, were apprehended in Manchester on 3 November in Europe's first arrests with regard to Zeus, according to a Met Police statement on Wednesday.

A Met Police spokesperson told ZDNet UK on Thursday that a man and a woman had been arrested for suspected criminal distribution of the Trojan, which is also known as Zbot.

The two have not yet been formally charged, said the spokesperson, who added that they have been given police bail while the investigation continues.

"There is a vast amount of data that has been harvested — millions of lines of data," said the spokesperson. "It will take some time for [the police] to go through that."

The Zeus Trojan is designed to steal financial data and is sold as a kit. According to a 2008 blog post by RSA senior researcher Uriel Maimon, the Trojan has "many startling capabilities". It can keylog browser submission forms, take screenshots of a victim's machine, steal passwords and allow a hacker to control the system.

The kit also contains a binary generator, making each instance of the Trojan a different file in an attempt to avoid anti-malware software, wrote Maimon.

The Met Police said on Wednesday that the Trojan allegedly used by the arrested individuals is believed to have infected tens of thousands of computers worldwide, allowing access to personal information on those machines.

The harvested information included online bank account details and passwords, credit card numbers and information such as passwords for social networking sites.

"Given the amount of information stolen, the potential financial gains to the culprits, and losses to individuals and institutions, are very substantial," said the statement.

"The Zeus Trojan is a piece of malware used increasingly by criminals to obtain huge quantities of sensitive information from thousands of compromised computers around the world," said detective inspector Colin Wetherill of the Police Central e-Crime Unit in the statement. "The arrests represent a considerable breakthrough in our increasing efforts to combat online criminality."

The Met Police spokesperson said the arrested couple are not considered to be at risk of flight. To meet their bail conditions, they have to report to a police station in Greater Manchester in March.

They were arrested by the Police Central e-Crime Unit and Greater Manchester Police under the Computer Misuse Act 1990 and the 2006 Fraud Act.