Just read the news today that the Zeus source code has been made public and can be downloaded by anyone. Luckily that the RARed file is password protected and prevent malicious people from using it as the code was written in Visual C++ (probably VC++ 2005 - 2010) and PHP and easy to compile it. The source code is already made public around couple of weeks ago and probably sold by the malware author.
At the time I was writing this blog, there is no sign that people already crack the password. This could be dangerous once the password is cracked especially when it's fall into a wrong hand.
UPDATE - 06/04/2011
The source code seem to be already posted at r00tw0rm.com which is currently down due to the missing file.
The CMS they are using is probably vBulletin which is contain missing file.