
E-Banking Malware Gains DDoS Enhancement

Idappcom : 15 March, 2011  (Technical Article)
Idappcom comments on the role of hacktivists in the evolution of SpyEye banking system malware with distributed denial of service capability

The blame for a DDoS (distributed denial of service) enhancement being added to the infamous SpyEye e-banking malware has been laid at the feet of the WikiLeaks hacktivists by Idappcom.

According to the data traffic analysis and security specialist, it was almost certainly the development - and propagation - of the LOIC DDoS utility by supporters of the Anonymous hacktivist group that spurred cybercriminals into adding the 'feature' to SpyEye.

"What we have been witnessing in the black hat hackersphere these last few months is a mirror image of evolutions in the so-called white hat security arena," said Anthony Haywood, Idappcom's chief technology officer.

"The development of the Low Orbit Ion Cannon DDoS utility showed that it is possible for a few concerted Internet users to stage a powerful DDoS attack on major sites such as MasterCard and this, in turn, made the cybercriminals behind SpyEye realise its potential and add the 'feature' to the online banking trojan," he added.

The Idappcom CTO went on to say that, had the Anonymous/WikiLeaks DDoS utility not been developed, then the world - on both sides of the white/black hat hacker divide - would have remained largely ignorant of what a powerful weapon a DDoS utility is.

SpyEye, he explained, is a form-grabbing trojan horse malware that operates in a similar manner to Zeus but has been marketed by cybercriminals as a lower-cost alternative darkware application that heists banking credentials from infected users' PCs.

The irony of the DDoS enhancement to SpyEye, Haywood says, is that it will push up the price of SpyEye rentals to cybercriminals, and so increase the revenue stream for the developers of the trojan.

"Idappcom's in-depth research into the darkware-driven side of Internet traffic makes us realise what a breakthrough the DDoS enhancement to SpyEye really is. We already know that the development team behind the Zeus trojan has also been working on SpyEye since last October so it can only be a matter of time before Zeus gets this enhancement as well," he said.

"This development really is bad news for those users of the Internet who access their banking system online, as it breathes new life into SpyEye, and prolongs the agony of online banking cybercrime," he added.

"It's to be hoped that the citizen evangelists realise the immense mistake they made in developing such a powerful cybercrime weapon as the LOIC utility, and that the genie really is now well and truly out of the bottle."
