SpyEye

The SpyEye trojan was supposed to be the banking trojan that would come to compete with Zeus. In the end, SpyEye was like all the men said to be heirs to Michael Jordan’s greatness. They had hype, they had potential, but they couldn’t take down the king. Zeus is the king, no doubt, but SpyEye made a fast disappearing splash.

At one point, parts of SpyEye botnet operation merged with Zeus’s into a meg-banking-botnet, but it would ultimately burn out without living up to the hype. It had its successes though. Attackers deployed SpyEye in an attack targeting Verizon’s online billing page pilfering users’ sensitive personal and financial information for more than a week without notice. It showed up on Amazon’s Simple Storage Service, using the cloud provider as a platform for attacks, it showed up on Android devices at one point, but a series of arrests and perhaps just a lack of effectiveness ended SpyEye’s run.

Three Baltic men were arrested in the summer of 2012 for using SpyEye to operate a highly organized banking information theft operation. In May of this year, an alleged SpyEye developer was arrested in Thailand and extradited to the United States, where he faces more than thirty counts of botnet and bank fraud related charge.

Since then, we haven’t heard a whole lot about SpyEye.