Zeus

New Trojan #INTH3WILD: Is Cybercrime Ready to Crown a New “KINS”?

Was that a typo? What is a “KINS”? Well, it appears that KINS is the name of a new professional-grade banking Trojan that is very likely taking its first steps in the cybercrime underground and could be poised to infect new victims as quickly and effectively as its Zeus, SpyEye and Citadel predecessors. Some Cybercrime…

ECAT and Zeus revisited: P2P edition

Our team likes to use variants of Zeus to test and demo ECAT’s capabilities. Zeus is definitely on the mature side for a malware family, yet its authors update Zeus on a regular basis, ensuring low AV detections with the most recent variants. Zeus is not targeted malware by any means, in fact quite the…

Whitehats vs. Blackhats: Techniques of the Cybercrime Elite Trickle Down to the Public Domain

By Mor Ahuvia, Cybercrime Communications Specialist, RSA Advances made in the cybercrime world over the past year prove that the trickle-down effect does not only apply to tablet computers and space tourism. Rather, much like real world products, techniques that were once reserved for the cybercrime elite have trickled down to the public domain, bestowing…

Now You Z-(eus) It, Now You Don’t: Zeus Bots Silently Upgraded to Citadel

The FraudAction Research Lab has recently analyzed a Zeus 2.1.0.1 variant downloading an additional Trojan into infected PCs by fetching a Citadel Trojan (think of the Borg on Star Trek).  RSA is witness to many Zeus botmasters who upgraded and moved up to Ice IX neighborhoods, and now, to yet another summer home – Citadel…