Trusteer says Carberp is currently targeting nine banks in the United States, Denmark, The Netherlands, Germany, and Israel, and is expected to eventually begin competing head-to-head with Zeus as the new Trojan of choice for fraudsters.
"The bad guys don't want to be popular. They want to make money and that has clearly been the major design goal for Carberp," TrustDefender's Baumhof says.
Bugat initially was focused on attacking U.S. banks, but has since been discovered targeting banks around the world. Jason Milletary, security researcher with SecureWorks Counter Threat Unit, says his team has witnessed an uptick in Bugat and Carberp activity. The newer, lesser-known malware can more easily remain under the radar than Zeus, he says. But that's not to say Zeus is simple for anti-malware tools to detect: It's constantly being tweaked to evade detection, he says.
Like in any other marketplace, Zeus has become the product of choice because it's easy to obtain and use, and is relatively inexpensive. There are even free toolkits available online, Milletary says. If one of the alternative Trojan families becomes as easily accessible and useful, then it could ultimately usurp Zeus at some point, he says.
But unseating Zeus any time soon would be akin to coming up with a brand-new operating system to rival Windows, Trusteer's Klein says. Even so, markets breed competition, he says, so in the end the alternative banking Trojans could give Zeus a run for its money. "I don't expect any real competition for Zeus in the next six months or so," however, he says.
Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.