The New York Times reports Zeus is a Trojan horse programme served to users through fake Facebook profiles which post links to other internet addresses owned by a Russian criminal gang called Russian Business Network.
Zeus has infected millions of machines, mostly in the United States. Once it infects a computer, it remains dormant until the user logs into a banking site, after which it steals the victim's passwords and records keystrokes. It then empties the owner’s account.
According to The New York Times, the malware is so sophisticated that it can replace the bank's website with a dummy page to allow it to steal even more information, such as the user's Social Security number.
Zeus has been found to attack machines running on Windows but apparently does not work on Mac OS X or Linux. Variants of the malware have also been found to infect Android and Blackberry smartphones.
Eric Feinberg, founder of the advocacy group Fans Against Kounterfeit Enterprise (FAKE), told The New York Times he noticed an increase in Zeus-serving malicious links on popular N.F.L. Facebook fan pages, and sent the links to security lab Malloy, which confirmed the links on these pages were serving up Zeus malware.
Feinberg told the newspaper he contacted Facebook about the problem but found their response unsatisfactory. A Facebook spokesman reportedly said the company regularly scans for malware and provides users with means to fix malware problems themselves, such as through the “Scan-and-repair malware scan”.