New Crimeware Toolkit Sold On The Black Market
Security researchers from the security company Symantec warn of 'Dream Loader', a newly introduced crimeware toolkit that cyber-criminals are selling on the black market.
According to Andrea Lelli, security researcher at Symantec, the toolkit, now at version 0.3, is more or less new, and it appears to originate from Russia. The kit was first discovered during November 2010; it is modular and can load plug-ins, Lelli says. Softpedia.com published this on December 19, 2010.
Compared to other toolkits, Dream Loader is priced slightly differently. A tailored edition of the backdoor Trojan, along with the malware's related Web interface, can be bought for $550, though without the associated builder. Consequently, the Dream Loader writers collect an extra $30 whenever a customer requests a modification.
Lelli says customers also have the option of specifying which command-and-control (C&C) server and communication port they want, so that the toolkit builds the backdoor accordingly. Infosecurity.com reported this on December 20, 2010.
Furthermore, Lelli states that the command-and-control server is implemented in a conventional way in SQL and PHP, with two components: the statistics web page and the gate. The statistics page is the administrator's page, where hackers log in to control their bots and issue instructions, while the gate is a web page that the backdoor routinely contacts to fetch fresh instructions.
According to Symantec, this backdoor is identified as Trojan.Karagany. It is capable only of downloading and executing malicious .exe files or, alternatively, updating itself, which indicates that criminals are employing it for pay-per-install activities.
Additionally, according to Lelli, the Trojan conceals itself on infected computers using certain common tactics that still prevent users from noticing it. He adds that the pack's creators also advertise that forthcoming editions of the bot will be revised to include fresh features such as support for FTP and SOCKS5, keylogging, and DDoS functionality.
Ultimately, crimeware toolkits of this kind are commonly found within the underground economy. Another similar kit is Zeus, which is quite popular for its powerful and easy-to-use features and which captures personal information stored on remote PCs.
» SPAMfighter News - 30-12-2010