The trojan virus steals bank details and passwords
Two suspected computer hackers have been arrested in Manchester in a major inquiry into a global internet scam designed to steal personal details.
The trojan program is believed to have infected thousands of computers around the world, said the Metropolitan Police, which is leading the inquiry.
A man and woman, both aged 20, have been questioned and bailed until March 2010 pending further inquiries.
Police revealed the arrests were the first in Europe as part of the inquiry.
The investigation focused on the ZeuS or Zbot trojan - "a sophisticated malicious computer program", said police.
Zeus, also known as Zbot, is what is known as a banking trojan
Trojans are a type of program or message that looks benign but conceal a malicious payload.
Often distributed as attachments in email messages, and as software downloads masquerading as legitimate programs
Primarily targeted banking details but was also used to skim login information from social networking sites
Used a variety of different methods to steal details, including logging key stokes as a user entered password
Total number of machines infected unknown, but thought to run to several million
The trojan often changed to avoid detection by anti-virus software
The malicious software records online bank account details, passwords and credit card numbers to steal cash with the information accessed.
It also copies passwords for social networking sites before causing each computer to forward the data to servers under the control of the hackers.
It has emerged in several guises, including a false Facebook page that encouraged users to download a software update.
The pair being questioned were arrested on 3 November under the 1990 Computer Misuse Act and the 2006 Fraud Act.
Details of the arrests have only just emerged.
Det Insp Colin Wetherill said: "The ZeuS Trojan is a piece of malware [malicious software] used increasingly by criminals to obtain huge quantities of sensitive information from thousands of compromised computers around the world.
"The arrests represent a considerable breakthrough in our increasing efforts to combat online criminality."
One IT security expert described Zbot as one of the most notorious pieces of malware seen recently.
Graham Cluley, senior technology consultant for security firm Sophos, said: "It's not just a single piece of malicious software.
"It's a family with many different members, all adopting different disguises in their attempt to infect users, and steal information that could allow hackers to break into your bank account and social networking profiles.
"Once the bad guys have your bank account details they can raid your finances, if they have grabbed your Facebook or MySpace password they can use your account as a springboard for sending out more attacks to your friends and family."