Tag: zeus

  • Paper: Prosecting the Citadel botnet – revealing the dominance of the Zeus descendent: part two

    Aditya K. Sood and Rohit Bansal study the malware’s behaviour when run on a physical machine. Last week, we published the first part of the paper ‘Prosecting the Citadel botnet – revealing the dominance of the Zeus descendent’. In it, researchers Aditya K. Sood and Rohit Bansal looked at the design and implementation of the…

  • Paper: Prosecting the Citadel botnet – revealing the dominance of the Zeus descendent: part one

    Aditya K. Sood and Rohit Bansal dissect botnet primarily used for financial fraud. It is unlikely that anyone still thinks that cybercrime is performed by 16-year-old kids who write short pieces of code that wreak havoc all over the world, but if you do still hold that belief, it won’t hurt to take a look…

  • Game over for GameOver Zeus botnet?

    Coordinated effort against gang that’s also behind CryptoLocker ransomware. A large, coordinated effort involving law enforcement, security vendors and various security researchers has caused serious disruption to both the GameOver Zeus botnet and the CryptoLocker ransomware. GameOver Zeus is a particularly sophisticated variant of the Zeus trojan. Rather than a centralised command and control infrastructure,…

  • Windows Error Reporting used to discover new attacks

    No excuse for sending error reports in cleartext. All happy programs are the same. But each unhappy program crashes in its own way. In a report published yesterday, security firm Websense has shown how Windows Error Reporting can be used to detect hitherto unknown attacks. Windows Error Reporting was introduced by Microsoft with Windows XP…

  • Significant rise in malicious spam and phishing

    Over one quarter of malicious emails contain eight-year-old malware. Email security firm eleven has reported a significant rise in both malicious emails and phishing emails in the first quarter of 2012. In its latest quarterly report, the company says that while spam levels stayed more or less constant, the volume of emails with malware attached…

  • New Zeus/SpyEye botnet does away with command-and-control servers

    Increasing use of UDP to avoid communication tracking. Researchers at Symantec have discovered a new parallel build of Zeus (also known as Zbot) and SpyEye that appears to be entirely controlled through peer-to-peer communication. Most botnets are controlled through a number of command-and-control servers that are used to control the behaviour of the thousands of…

  • Zitmo trojan for Android defeats two-factor authentication

    Malware intercepts TANs sent via SMS. A new variant of the Zitmo trojan has been discovered that infects mobile devices running the Android platform and which intercepts SMS messages from banks sending mobile TAN numbers, thus potentially defeating two-factor authentication. Two-factor authentication is used by many banks to prevent a customer’s online banking account being…

  • Zeus source code leaked

    Banking trojan among the most advanced of its kind. Researchers at Danish security firm CSIS have discovered that the full source code of the Zeus crime kit has been leaked to underground forums. Zeus, also known as Zbot, is one of the most advanced kits of its kind. The Zeus trojan is commonly used to…

  • Cybercriminals frustrated with botnet trackers

    Drastic measures discussed by users of online forum. Russian cybercriminals are willing to go to great lengths to frustrate services that hinder botnets created with the ZeuS and SpyEye exploit kits, according to security journalist Brian Krebs. Krebs managed to gain access to an exclusive Russian language forum that caters to cybercriminals. The forum’s users…

  • Eight Zeus-related money mules arrested

    Arrests in US and Moldova show that cybercriminals aren’t immune to the law. Police in the US state of Wisconsin have arrested two Moldovan citizens who they believe have worked as money mules, transferring money stolen using the Zeus trojan to overseas bank accounts. Meanwhile, in Moldova six individuals – among whom is at least…