English Deutsch Español Français Italiano Portuguese Čeština Ελληνικά 中文(简体) 中文 (繁體) Tiếng Việt 日本語 ภาษาไทย Русский Български Nederlands Polski Svenska Norsk Dansk Suomi

McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams

Compatible with Windows 7

Works with Windows Vista

SPAMfighter is

Microsoft Gold Certified Partner

BlackEnergy Trojan Attacks Russian, Ukrainian Banks in New Version

Russian cybercriminals have come up with a more sophisticated version of the notorious BlackEnergy Trojan related to the 2008 cyber assaults against Georgia that now hits online customers of Russian and Ukrainian banks.

In the first week of March 2010 at the RSA Conference in San Francisco, a security researcher, Joe Stewart, revealed the botnet details, which he has named BlackEnergy 2, as per the news published by eWEEK.com on March 4, 2010.

SecureWorks stated that BlackEnergy 2 has been furtively developing for over one year; however, it still carries some of the traits of the first BlackEnergy. It also shows a major rewrite of codebase and has a modular design that makes use of plug-ins for its spam, malware and distributed denial-of-service (DDoS) capabilities.

Till sometime in 2009, BlackEnergy software was used just for distributed denial-of-service attacks with no known element of financial fraud. The victims of the botnet were usually gambling and pornographic websites as well as their network hosts, all of which endure attacks from extortionists or competitors.

Stewart informed that, this time, hackers are using Trojan with a two-way attack. It steals the online banking details of customers and then conducts a distributed denial-of-service (DDoS) attack on banks as a shield, as per the news published by dark READING on March 4, 2010.

He further said that while the banks are engaged in sanitizing their systems from the DDoS, the hackers might be emptying the bank accounts.

Apart from this, the Trojan module design along with plug-in causes damage to the file system of an infected PC on receiving a 'kill' command. The plug-in architecture is that what differentiates this botnet from others like Zeus, where extension is allowed without writing fresh source code into it.

Stewart tracked the botnet's activities to around one dozen targets, all of which were either Ukrainian or Russian banks. This is a deviation from the trend as Eastern European hackers usually prefer targeting banks in Western countries.

» SPAMfighter News - 12-03-2010

Bookmark and Share
Twitter Facebook RSS

SPAMfighter box shot

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail and Thunderbird

Optimize Slow PC

Optimize your Slow PC for better performance. Try FREE scan now

Exchange spam filter

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial

 

Spyware remover

Remove Spyware with SPYWAREfighter - Free 30 days trial


anti virus

Antivirus software for your Windows PC - Free 30 days trial

<<<>>>