News Developers of Banking Malware Found to be Collaborating
Something is happening: malware vendors aren't deleting the competitor's malware anymore; instead, they are choosing to work together and develop new and improved versions of current malware or new versions altogether. This is, of course, in an effort to share profits between the two parties.

Any systems that are infected with IcedID are actually downloading the "TrickBot" malware; this is a current version of the "Dyre" banking malware. IcedID was first spotted by researchers in November of last year. More recently, researchers from IBM's X-Force published a report stating that they had discovered a new banking malware spreading via a spam campaign. Systems that are compromised end up getting infected with an Emotet downloader, which will in turn grab the IcedID malware from the attacker's domain.

The team that discovered the malware thought that Emotet was compromised by the operators behind the "Dridex" banking trojan. IcedID is utilized by the attacker to maintain persistence within the infected machine; most of the systems that were infected were within banking sectors.

IcedID has been in the wild since early to mid 2017 and was originally known as BokBot. The malware mainly targets Windows and has also been found to associate itself with VNC computing modules for remote management and anti-malware bypass modules.

This is evidently an interesting event: vendors working together in a bid to share profits, to create and improve upon new and existing banking malware. This could spell disaster, or it could mean a new age for the ever so determined black hat. Either way, I will be keeping an eye on it.

01001001 00100000 01000001 01001101 00100000 01011010 01001111 01000100 01001001 01000001 01000011
Interesting, thank you, best writer.
* This is My Home *
