Zbot is an information-stealing Trojan that can be carried in any PDF document. Once the infected PDF is saved on the computer, that's it: it is enough for the user simply to open the PDF. The Trojan then starts executing malicious code and can also send information to a remote server. It seems this kind of Trojan sends the information to a remote server located in China.
If a PDF carries this Trojan and the user downloads it, the user is prompted to save a file named “Royal_Mail_Delivery_Notice.pdf”. After this file is saved, the original file is also saved, and when you open the PDF the Trojan starts executing.
The Zbot trojan creates a subdirectory under %SYSTEM32% with the name “lowsec” and drops the “local.ds” and “user.ds” files. It also drops an executable “sdra64.exe” and modifies the registry entry “%SOFTWARE%\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit” to launch itself during system startup. When it runs, it injects malicious code into the Winlogon.exe instance in memory.
Thus Zbot acts as a back door that gives remote computers full access to your machine, and it also acts as a front gate through which spyware and adware can get onto the machine.
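A triage check built on the file and registry artifacts described above, as an added example that is not code from the original page. It assumes a file listing and the Winlogon Userinit value have already been collected from the host; the default %SYSTEM32% path, the function names and the sample data are constructed for illustration.

```python
import ntpath

SYSTEM32 = r"C:\Windows\System32"      # assumption: default %SYSTEM32% location
DROP_DIR = "lowsec"                    # subdirectory named in the text
DATA_FILES = {"local.ds", "user.ds"}   # data files named in the text
DROPPED_EXE = "sdra64.exe"             # executable named in the text


def _norm(path):
    """Normalise a Windows path for case-insensitive comparison."""
    return ntpath.normcase(ntpath.normpath(path.strip().strip('"')))


def file_findings(paths, system32=SYSTEM32):
    """Return (reason, path) pairs for listed paths that match the artifacts."""
    lowsec = _norm(ntpath.join(system32, DROP_DIR))
    hits = []
    for p in paths:
        n = _norm(p)
        name = ntpath.basename(n)
        if n == lowsec:
            hits.append(("lowsec directory", p))
        elif ntpath.dirname(n) == lowsec and name in DATA_FILES:
            hits.append(("data file in lowsec", p))
        elif name == DROPPED_EXE:
            hits.append(("dropped executable", p))
    return hits


def userinit_findings(value, system32=SYSTEM32):
    """Return Userinit entries other than the stock userinit.exe."""
    expected = _norm(ntpath.join(system32, "userinit.exe"))
    entries = [e for e in value.split(",") if e.strip()]
    return [e.strip() for e in entries if _norm(e) != expected]


# Constructed sample input, not taken from a real host
SAMPLE_PATHS = [
    r"C:\Windows\System32\kernel32.dll",
    r"C:\WINDOWS\system32\lowsec",
    r"C:\WINDOWS\system32\lowsec\local.ds",
    r"C:\WINDOWS\system32\lowsec\user.ds",
    r"C:\WINDOWS\system32\sdra64.exe",
]
CLEAN_USERINIT = r"C:\Windows\system32\userinit.exe,"
MODIFIED_USERINIT = r"C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\sdra64.exe,"

if __name__ == "__main__":
    print(file_findings(SAMPLE_PATHS))
    print(userinit_findings(MODIFIED_USERINIT))
```

Any entry returned by `userinit_findings` deserves review even when the file name is unfamiliar, because the stock value lists only userinit.exe.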
After the major attack on Google’s intellectual property from inside China, Google has set up some internal standards to avoid such attacks in future. The major attack happened because of an old browser, Internet Explorer 6. Attackers used this loophole to go deep inside the system, penetrated other systems, and accessed important Google property.
Google now plans to upgrade all systems to the latest browsers and has increased the security of its firewalls so that attackers will not be able to penetrate them. Although Microsoft released an immediate patch for Internet Explorer 6 to stop the attacks, major damage had already been done by then.
Google has decided to use more web-based computing products like Chrome OS in future. Eric Schmidt has also urged employees to make sure that all their computers use the latest versions of the browser and the operating system.