Carberp Trojan’s Source Code Revealed Online
Security Company Group IB, of late, had reported about Carberp, the Trojan whose source code appeared on different hacker websites for sale although, it was distributed through one folder which was protected with a password. Currently, people can find that password on the Internet, while according to many researchers, the code, without the slightest doubt, is authentic as well as it essentially consists of a bootkit pertaining to Carberp, published softpedia.com dated June 26, 2013.
Elaborating further, Security Expert Peter Kruse of CSIS states that inside the malware package that has been revealed online, there are Carberp's bootkit as well as the source codes of other malicious programs like Ursnif, Citadel, Stone bootkit, etc. Kruse says his organization has further uncovered many text files that consist of seemingly different usernames and passwords pertaining to many File Transfer Protocol (FTP) servers along with private chats. Softpedia.com published this.
Kruse further says that just like with ZeuS code's leakage, during May 2011, which
resulted in fresh tradable crime-kits that are even now getting utilized within assaults such as Citadel or IceIX, so with Carberp, the criminals have all possibilities for altering by appending fresh characteristics to the toolkit. Csis.dk published this dated June 25, 2013.
It, however, remains for being observed if the identical will happen with Carberp code's
revelation, although the leakage presently isn't any welcome news for end-users. For, the crime-ware kit can potentially land into the grasp of many more attackers thus endangering increasing consumers. Nevertheless, the leakage as well facilitates security researchers with closely examining the malware so they can become better equipped with designing defenses against it.
Meanwhile, although there's a genuine source code for the Trojan, its detailed assessment
isn't yet over.
Kruse adds that the code appears as complete, however, it can't be said whether there's
any fresh version alternatively whether there's a backdoor to it. Also, the code under trial looks fine as also it does its task well, however, because of its complexity as well as size, much time is required for understanding it thoroughly, the expert concludes. Threatpost.com published this dated June 25, 2013.
» SPAMfighter News - 29-06-2013