Carberp Trojan in New Version on Sale

According to researchers at RSA Security, the much maligned Carberp Trojan's creators have started hiring/selling their ware to anybody looking for earning a profit by applying the cyber-crooks' techniques.

Occasionally, malware creators make their wares available solely to customers of choice so they may elude law enforcement track-down, whereas some others make their crime toolkits available for anybody ready to pay the price.

It's been beginning June 2010 that Carberp, also called Syscron, was first seen. Initially, the Trojan's developers employed the malware solely for personal malevolent utilities; however, during February 2011, they started trading their ware for $10,000 (EUR8,000), the cost which far exceeded that of SpyEye or ZeuS.

Moreover, following the sale of Carberp to numerous cyber-criminals, the Trojan's creators withdrew it from trade, while just kept on lending support in favor of existing clients. But, the support didn't continue; consequently, everybody thought that the Trojan was no longer in existence.

Presently, the creators are apologetic to their clients because of discontinuing the promised support, so they're offering one fresh variant of the malicious program.

The Carberp criminals were selling their creation within the open-market for the first time, stated Communications Specialist Limor Kessem who also leads the FraudAction Team at RSA Security. Threatpost.com published this (December 14, 2012). According to Kessem, the banker Trojan's latest variant is found containing data-capturing capabilities along with the builder-kit and bootkit namely Rovnix priced enormously: USD40,000. But customers can purchase Rovnix for USD2,000-10,000 also though without its bootkit and builder-kit.

Kessem stated that the price-tag of $40,000 for the Carberp suggested it was highly advanced and expensive as opposed to any other malware. No other malware was so exaggeratedly priced. And though it wasn't recorded as to who was purchasing the Trojan, the developers believed Carberp's demand would rise. With the necessary know-how and resources, one could operate the program. No malicious program had a ready wizard included. It all required knowledge of Windows internals as well as systems. Anyone buying the Trojan would require knowing how he was operating it; it wasn't as simple as thought, the Specialist explained. Isssource.com published this (December 17, 2012).

Related article: Corporate Workforce Push Out 50% Unproductive Web Traffic

» SPAMfighter News - 12/25/2012