
Citadel Trojan Updates with Dynamic Config Mechanism that Streamlines Fraud Activity
The elusive authors of the Citadel Trojan have released a new version of their banking botnet malware and service. The latest version, the sixth since it debuted in January and dubbed Rain, includes a dynamic configuration mechanism that allows botmasters to inject malicious content to compromised browsers on the fly. This real-time interaction with bots avoids the need to send an updated configuration file to the entire botnet and lessens the risk of detection by security operations.