Citadel Trojan Updates with Dynamic Config Mechanism that Streamlines Fraud Activity
The elusive authors of the Citadel Trojan have released a new version of their banking botnet malware and service. The latest version, the sixth since it debuted in January and dubbed Rain, includes a dynamic configuration mechanism that allows botmasters to inject malicious content to compromised browsers on the fly. This real-time interaction with bots avoids the need to send an updated configuration file to the entire botnet and lessens the risk of detection by security operations.
“Now this is done through their administration panel; this is a big deal,” said Limor Kessem, an intelligence expert with RSA Security’s FraudAction Research Lab. “Now they can directly communicate from command and control to a bot. It’s a much quicker interaction when doing real-time fraud. This shows us that this team is really serious. Their development skills are very strong; these are not amateurs.” Read more...
Learn more about this story:
ThreatPost: “Citadel Trojan Updates with Dynamic Config Mechanism that Streamlines Fraud Activity”
October 18, 2012
By Mike Mimoso
SC Magazine: “New Citadel trojan costs more, but allows for easier updates”
October 18, 2012
By Danielle Walker
Dark Reading: “Citadel Trojan Gets More Customer-Friendly”
October 18, 2012
By Kelly Jackson Higgins
SecurityWeek: “RSA: Citadel Trojan Armed With New Feature”
October 18, 2012
By Brian Prince
Softpedia: “Citadel Trojan Rain Edition Represents Fraud-as-a-Service at Its Best, RSA Says”
October 18, 2012
By Edward Kovacs
eSecurityPlanet: "Citadel Trojan Updated"
October 19, 2012
By Jeff Goldman
http://www.esecurityplanet.com/malware/citadel-trojan-updated.html
V3.co.uk: "Citadel banking Trojan upgrade delivers malware on the fly"
October 19, 2012
By Alastair Stevenson
http://www.v3.co.uk/v3-uk/news/2218496/citadel-banking-trojan-upgrade-delivers-malware-on-the-fly
Comments
Post a Comment