Zeus Botnet


What is Zeus?:

Zeus, often spelled ZeuS, is a crimeware botnet typically engaged in data theft. Zeus is also often referred to as Zbot. Zeus is not a single botnet or a single trojan, but rather an entire family of trojans and their respective botnets. Zeus bots undergo constant updates, sometimes several times a day; consequently, there are thousands of variants of Zeus. Data theft activities range from large-scale attacks on banks, to intellectual property theft from corporate and government victims, to phishing attacks on individuals.

What is a Botnet?:

A botnet is a collection of compromised (infected) computers under the collective control of remote attackers. The malware on the infected computer is known as a bot, a type of backdoor or remote access trojan (RAT). Bots communicate with botnet command and control (C&C) servers, enabling the remote attacker to update existing infections, push new malware, or instruct the infected computer to carry out specific tasks. In general, the presence of the bot gives the remote attacker the same abilities as the legitimate logged-in user.

More About Zeus:

Zeus installs a rootkit component to remain hidden on infected systems. Typically, Zeus also disables antivirus and security software in a further effort to avoid detection. To bypass firewalls and to remain active on infected systems, Zeus injects itself into the address space of other running processes (typically Windows Explorer).

Zeus was originally discovered in 2007, primarily spreading by sending malicious spam. Zeus quickly moved to the Web, teaming up with the LuckySploit framework in order to distribute the trojans through compromised websites.

In early 2010, researchers from NetWitness announced the discovery of a cache of stolen data from 2500 corporate and government victims. The stolen data was harvested by one of the many Zeus botnets. This particular 'branch' was dubbed Kneber, so named because the fictitious domain registration details listed "Hilary Kneber" as the domain owner.

