Trusteer Spotted i2Ninja Financial Malware
Security experts at security firm Trusteer have spotted a piece of malware which, until lately, has been prowling in the 'dark shadows'. The threat, nicknamed 'i2Ninja', is financial malware of the same kind as Zeus, Citadel and SpyEye.
According to Trusteer, i2Ninja offers the same set of capabilities as other key financial malware: 'HTML injection' and 'form grabbing' for all main browsers (Firefox, Internet Explorer, and Chrome), an FTP (File Transfer Protocol) grabber and a soon-to-be-released Virtual Network Computing (VNC) module. The malware additionally provides a 'PokerGrabber' module targeting major poker websites, and an e-mail grabber.
The i2Ninja malware takes its name from I2P, a networking layer similar to Tor that uses cryptography to provide secure communications.
Scmagazine.com published a comment on the latest malware by Etay Maor, Fraud Prevention Solution Manager at Trusteer, saying that I2P is a 'true Darknet' which offers better security in comparison to Tor, and explaining how the added security layer makes it more complicated to investigate and understand the infrastructure and abilities of the malware.
However, Maor said that it won't take long before the encryption of I2P is broken, similar to how the FBI (Federal Bureau of Investigation) made a big arrest on Tor in August 2013 by exploiting Firefox flaws, and that the cyber crooks using i2Ninja probably know this as well.
Maor said that it is not yet clear how much of a threat i2Ninja represents right now; however, the malicious software appears to be in huge demand.
So far, i2Ninja has not been spotted in the wild feasting on people's bank accounts, but that will surely change.
Infosecurity-magazine.com published a statement on 25th November, 2013 quoting Maor as saying that with underground market activity surging and the unleashing of diverse malware source codes, Trusteer expects to witness fresh malware variants and new underground offerings in 2014. i2Ninja has been a main point of discussion in a lot of Russian-speaking cybercrime forums, and the security team of Trusteer is vigorously hunting for a live alternative of this latest malware. "Once such a threat is spotted and researched, we (Trusteer) shall definitely update with its new technical details".
» SPAMfighter News - 07-12-2013