Security Researchers find Carberp in New Version

According to security researchers, the banker Trojan Carberp, which lately struck more than 150,000 computers in Australia, has been found yet again spreading in the country via bulk e-mails carrying the malware, reported cso.com.au, January 16, 2015.

Notably, after one ransomware attack massively infected Australian users locking their PC files till the time money demanded was paid, one known banker Trojan having its origin in Russia is likely to return in Australia.

Symantec's security investigators state that one fresh version of Carberp chiefly targets computers in Australia, with more than 50% of contaminations worldwide occurring here.

Given the name "Carberp.C," the malicious program captures online banking credentials that are stored on infected computers while it's getting disseminated through spam mails which carry a zipped attachment mimicking a bill. Quite naturally, the zipped archive in reality contains malware.

This malware, according to researchers, has the ability to contaminate both 64-bit and 32-bit computers while bears associated plug-ins that suit different CPU architectures.

One key revision to the "C" edition happens to be the coding volume which miscreants have expended on stealth.

Symantec explains that the new Carberp sample is intriguing because of the many parts the attack contains that aid in concealing the infection as well as in quietly pulling down more encrypted payloads for subsequent injection of the same into processes. Extra elements are implanted into the installer followed with zipping them, adds Symantec. Infosecurity-magazine.com published this, January 16, 2015.

According to Symantec's researchers, the widely spreading behavior of Carberp likely shows Oz as being one freshly-known area of attack for cyber-crooks.

Symantec repeats since Carberp.C is chiefly attacking Australian PCs, it could further indicate one more prevalent tendency of malware creators foraying inside the country like during the lately considerable expansion of crypto-malware striking PCs here.

During June 2013, Carberp's source-code became obtainable from underground forums just following the announcement by Russian officials that they arrested a person understandably the main culprit responsible for the financial badware. Then during November 2014, Trojan.Carberp.B was found; however, meanwhile, Carberp code was as well utilized for designing an amalgamation of Carberp and Zeus components that was named Zberp.

» SPAMfighter News - 1/26/2015