BE2 and Malware Evolution Highlighted During Miami Conference
SecureWorks, a security company based in Atlanta, recently gave two presentations at a conference in Miami (Florida, US). In one, the company's Director Joe Stewart discussed his discovery of a new version of a botnet called BlackEnergy. The other, from Technical Director Jason Milletary, also a security researcher at SecureWorks, focused on how malware is evolving.
In his presentation "BlackEnergy 2 Revealed," Stewart disclosed that cyber-criminal gangs continue to attack Russian and Ukrainian banks through sophisticated means. To carry out these attacks, the cyber-criminals revised BlackEnergy from top to bottom. The BlackEnergy botnet was a well-known hack-by-numbers toolkit that until recently was used for launching distributed denial-of-service attacks, Stewart indicated.
Moreover, criminal gangs in Eastern Europe are exploiting the increased abilities of the BE2 (BlackEnergy 2) botnet to move funds illegally out of online bank accounts. Additionally, they are bombarding banks with such huge amounts of data that the institutions can hardly handle it, says Stewart. The Register reported this on June 16, 2010.
Stewart further noted that despite the absence of BE2's Trojan builder kit and of any documents revealing the name "BlackEnergy 2," SecureWorks' threat intelligence specialists are sure that the new Trojan evolved from BE version 1.
In fact, various fingerprints of the earliest BlackEnergy code can be seen throughout the new BlackEnergy 2 Trojan, as can fingerprints of other code that the BlackEnergy creators released from time to time.
Besides Stewart's discussion, Milletary, in his presentation "Understanding and Combating Man-in-the-Browser Attacks (MITB)," discussed how malware has evolved and how it integrates with an affected Web browser's functionality to launch sophisticated data-theft attacks.
Historically, these attacks focused largely on the financial sector; however, there are now indications that other, diverse areas are also being targeted. In his presentation, Milletary examined many malware families that use MITB capabilities and discussed how the threats can be identified and mitigated.
Finally, based on the two presentations, both Stewart and Milletary advised users to remain cautious and to deploy up-to-date security programs to ward off hackers' attacks on their computers.
» SPAMfighter News - 24-06-2010