Sality

Sality is a file-infecting virus that has been around for more than nine years. Sality has been ranked by Symantec as the number one malicious code family in 2010 by number of endpoint detections. It was apparently named after the Russian town of “Salavat City”, although the command and control servers are thought to be in the US, UK, and the Netherlands. It has been used to push spam, steal passwords, crack SIP accounts, and various other nasty things. 

Sality is a family of virus.  Sality.aa, is a popular polymorphic virus. Sality.aa, was followed by a different version of sality called as Sality.ae. This was built as an entry-point obscuring (EPO) polymorphic file infector, and overwrites files with complex and encrypted code instructions. It creates peer-to-peer (P2P) botnet and receives URLs of additional files to download. 

--
Dr.B.M 

Zeus

Zeus, often referred as Zbot is one of the popular crimeware  botnet typically engaged in data theft.  The term Zeus is used to refer to an entire family of trojans and their respective bot nets. It was reported by 2007.

It installs a rootkit component to remain hidden on infected systems. It is learnt that it disables antivirus and security software in an effort to disguise itself and avoid detection. It is reported that the worm injects itself into the address space of other running processes like Windows Explorer to remain active on infected systems. Refer the article on Zeus in ITNEXT.

It has again reemerged targeting the zero day threat exploited by stuxnet family. Security firm F-Secure has  reported the appearance of strains of Zeus exploiting  the same security hole exploited by the Stuxnet worm.

Let us Infoledge

--
Dr.B.M