New Cridex Banking Trojan variant Surfaces with Self-Spreading Functionality
2014-07-03, 02:36 PM,
#1

Quote: In an effort to infect a large number of people, cybercriminals have developed a new malicious software program that contains functionality to spread itself quickly.

Geodo, a new version of the infamous Cridex (also known as Feodo or Bugat) banking information-stealing Trojan, works in conjunction with a worm that sends out emails automatically to continue its self-spreading infection method, effectively turning each infected Windows system in the botnet for infecting new targets, Seculert warned.

The infected Windows systems in the botnet network download and install an additional piece of malware (i.e. an email worm) from the botnet's command and control servers, provided with approximately 50,000 stolen SMTP account credentials, including those of the associated SMTP servers.

The stolen SMTP credentials appeared to come from Cridex victims, and with the help of those credentials, the malware then sends out emails from legitimate accounts to other potential victims, masquerading itself as a bank or financial organization, in an effort to continue its spread, and the majority of targets (over 46%) mostly belong to Germany.

Continue reading here....