First detected in 2007, multiple strains of the [[malware]] have been forked/built/developed from the original. The original malware was a botnet with a single [[Command and Control]] server. ## Common strains - Zeus Gameover: a variant on the botnet that has no centralised [[Command and Control|C&C]] - SpyEye: used for accessing bank accounts, either for robbery or [[money mules|money muling]] - Ice IX: can control content in a browser during a monetary transfer, and will use that control to extract credentials and private data - Carberp: a Russian strain commonly used to conduct financial attacks, using [[operating system]] level [[vulnerability|vulnerabilities]] - Shylock: a variant on the botnet that uses a domain generation algorithm to connect infected computers to multiple [[Command and Control|C&C]] servers ## [[attack vector|Vectors]] - drive-by downloads: infecting a legitimate site and adding the virus to the HTML/CSS/JS response - spam messages