Crimeware Marketing Branches Out to Social Networks
Contributed by: Email on 04/26/2013 02:05 PM
[
Comments
]
Want to buy a botnet? Just go to Facebook!! No longer is the secrecy of underground forums where financial malware and crimeware kits are traded; where the privacy is so valued by the criminals. Expert Limor Kessem found this week that a new fraud service was being marketed over Facebook.
An Indonesian-speaking person, was selling a customized botnet panel for the Zeus Trojan on Facebook. From RSA Securitys FraudAction Research Lab, expert Limor Kessem this week found a new fraud service.
Kessem said the Facebook page was updated frequently with information about botnets, exploits and their version of Zeus.
Beyond having compiled a working Zeus Trojan kit, the developer customized an attractive control panel for the admin (basic and familiar in functionality, and taken from previous Zeus versions), the developer and his team created a demo website for potential buyerswhich they have no qualms about sharing publicly, Kessem said.
While high-end underground forums are out of reach for many, others such as this developer, might be trying to expand their reach with his own version of the banking malware and taking advantage of a market shift where some of the more professional malware dealers have been laying low.
Underground forums are fairly well protected; these folks want to keep a low profile, said George Tubin, senior security researcher at Trusteer. But, you can imagine that maybe some want to branch out a little and get into a new market and attract folks who are not part of this secret underground as a way to reach out. Maybe they want to reach out to a new group of folks with no access to forums or dont know how to get to them.
An Indonesian-speaking person, was selling a customized botnet panel for the Zeus Trojan on Facebook. From RSA Securitys FraudAction Research Lab, expert Limor Kessem this week found a new fraud service.
Kessem said the Facebook page was updated frequently with information about botnets, exploits and their version of Zeus.
Beyond having compiled a working Zeus Trojan kit, the developer customized an attractive control panel for the admin (basic and familiar in functionality, and taken from previous Zeus versions), the developer and his team created a demo website for potential buyerswhich they have no qualms about sharing publicly, Kessem said.
While high-end underground forums are out of reach for many, others such as this developer, might be trying to expand their reach with his own version of the banking malware and taking advantage of a market shift where some of the more professional malware dealers have been laying low.
Underground forums are fairly well protected; these folks want to keep a low profile, said George Tubin, senior security researcher at Trusteer. But, you can imagine that maybe some want to branch out a little and get into a new market and attract folks who are not part of this secret underground as a way to reach out. Maybe they want to reach out to a new group of folks with no access to forums or dont know how to get to them.
Comments
