Security Researchers Reveal - New Malware Napolar Embezzles Information and Initiates DDOS Attacks
Security researchers of security firm ESET and Avast have identified a new strain of malware, reported Softpedia.com on 25th September, 2013. Nicknamed Napolar, the e-threat is designed to embezzle information, initiate DDOS or distributed denial-of-service attacks and also operate as a 'SOCKS' proxy server.
Experts of ESET and Avast say that its authors began advertising the Trojan way back in May 2013 but it became active only at the end of July 2013.
What's exciting about 'Napolar' is that it is presently being publicized on a professional looking website and its writer has christened it 'Solarbot' and trades each build for 150 Euros or $200. The author says that Napolar/Solarbot was written in Lazarus IDE (integrated development environment) for Free Pascal.
Security researchers note that Napolar/Solarbot is dispersed via Facebook as files titled "Photo_032.JPG_www.facebook.co.exe". When execution of this file takes place, the victim is exposed to several pictures of eye-catching young females and concurrently the Trojan downloader steps into action.
Softpedia.com published a statement on 25th September, 2013 quoting the explanation of the above finding by Pierre-Marc Bureau, Security Intelligence Program Manager of ESET, as "As the malware has the capability to embezzle Facebook testimonials, its operator can recycle those testimonials to send posts from hijacked accounts and strive to contaminate the friends' of the victims".
Interestingly, the malware's functionality can be boosted with the aid of plug-ins. The bot's developers offer a plug-in SDK (software development kit) and give some illustration plug-ins to steal Bitcoin wallets or gather computer information.
As per data collected by Avast, Solarbot tries to infect numerous hundred of computers every day. The malware's distribution appears to be global but the most-affected countries are Colombia, Venezuela, Peru, Argentina, Philippines, Vietnam, Mexico, and Poland.
Though this bot is analogous in functionality to Trojans like Zeus or SpyEye which are already extensively used, its fame might increase as it is vigorously maintained, simple to use and can be extended effortlessly through plug-ins, researchers at ESET said.
Owing to its rock-hard malicious performance and realistic pricing of $200, this botnet may well be on the increase in the future, the Avast researchers cautioned, as published by pcworld.com on September 26, 2013.
» SPAMfighter News - 04-10-2013