Is Cybercrime Ready to Crown a New KINS?

Was that a typo? What is a “KINS”? Well, it appears that KINS is the name of a new professional-grade banking Trojan that is very likely taking its first steps in the cybercrime underground and could be poised to infect new victims as quickly and effectively as its Zeus, SpyEye and Citadel predecessors.

SOME CYBERCRIME HISTORY

Since December 2012, when the spokesperson of the Citadel team took the Trojan off the semi-open underground market, cyber criminals have been scrambling to find a replacement. The moment Citadel was off the market, the deep-web enclaves, where fraudsters congregate, became awash with fraud-as-a-service deals for Trojan binaries and hosting packages. During the dry months that had suddenly befallen the lower ranking cyber criminals, a few shady malware developers attempted to make a few bucks by trying to appease them with basic malware and converted HTTP botnets (Trojans that carry out lists of tasks, equipped with a form-grabber), but even the pseudo return of the Carberp Trojan left the underground hungry for more.

The clear and resounding truth was that botmasters have not had to face such a situation since the Limbo Trojan was released in 2005. The ongoing turbulence since the leak of the Zeus code in mid-2011 has not given way to a stable offering in the underground, and it seems that professional cybercrime malware developers are just not what they used to be.

Underground chatter increasingly reflects the growing appetite for new, ‘real’ banking malware in the online fraud arena, featuring discussions by criminals who would eagerly welcome a new developer and jointly finance a banker project if one would only make sense to them.

Read the rest of this post here