Is Cybercrime Ready to Crown a New KINS?
Was that a typo? What is a “KINS”? Well, it
appears that KINS is the name of a new professional-grade banking Trojan that
is very likely taking its first steps in the cybercrime underground and could
be poised to infect new victims as quickly and effectively as its Zeus, SpyEye
and Citadel predecessors.
SOME CYBERCRIME HISTORY
Since December 2012, when the spokesperson of the
Citadel team took the Trojan off the semi-open underground market, cyber
criminals have been scrambling to find a replacement. The moment Citadel was
off the market, the deep-web enclaves, where fraudsters congregate, became
awash with fraud-as-a-service deals for Trojan binaries and hosting packages.
During the dry months that had suddenly befallen the lower ranking cyber
criminals, a few shady malware developers attempted to make a few bucks by
trying to appease them with basic malware and converted HTTP botnets (Trojans
that carry out lists of tasks, equipped with a form-grabber), but even the
pseudo return of the Carberp Trojan left the underground hungry for more.
The clear and resounding truth was that botmasters
have not had to face such a situation since the Limbo Trojan was released in
2005. The ongoing turbulence since the leak of the Zeus code in mid-2011 has
not given way to a stable offering in the underground, and it seems that
professional cybercrime malware developers are just not what they used to be.
Underground chatter increasingly reflects the
growing appetite for new, ‘real’ banking malware in the online fraud arena,
featuring discussions by criminals who would eagerly welcome a new developer
and jointly finance a banker project if one would only make sense to them.
Read the rest of this post here
Comments
Post a Comment