Crimeware


Brazen Crimeware Marketing Branches Out to Social Networks

The secrecy of underground forums where financial malware and crimeware kits are traded is well guarded, to the point that few are able to penetrate them without some kind of internal sponsor. Here, criminals value their privacy as much as those from whom they steal. That’s what makes a recent discovery from RSA Security’s FraudAction […]


By Dmitry Tarakanov

My colleague Jorge Mieres recently found a C&C server of a botnet based on a malicious program called Ice IX. As announced on several user forums, Ice IX is a bot created using the source code of ZeuS 2.0.8.9, which became publicly available in May. The author of the new bot says the program includes substantial enhancements, which should be interesting to those cybercriminals who steal money from users with the help of banking Trojans.

Crimeware kits have become a ubiquitous part of the malware scene in the last few years, but they have mainly been confined to the Windows platform. Now, reports are surfacing that the first such kit targeting Apple’s Mac OS X operating system has appeared.

VolgaHost, a hosting provider notorious in the security community for hosting botnet command-and-control servers and other services related to online crime, has been taken offline, and a number of servers involved in the Zeus crimeware operation are offline as a result.

We know a lot about the effects of malicious programs like rootkits and Trojan downloaders. The job of finding out exactly how the programs work, however, is painstaking. That’s because most malware authors worth their salt take steps to make their creations hard to understand. Code obfuscation and anti-debugging are common features of most sophisticated, modern malware. With patience and endurance, however, researchers are often able to pierce the veil, anyway.
