botnet configuration files

Citadel Trojan Updates with Dynamic Config Mechanism that Streamlines Fraud Activity

The elusive authors of the Citadel Trojan have released a new version of their banking botnet malware and service. The latest version, dubbed Rain and the sixth since the Trojan debuted in January, includes a dynamic configuration mechanism that allows botmasters to inject malicious content into compromised browsers on the fly. This real-time interaction with bots avoids the need to send an updated configuration file to the entire botnet and lessens the risk of detection by security operations.
