Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

AlienSpy Being Used by Hackers to Spread Citadel Malware

Threatpost.com reported on 8th April, 2015 quoting a recent revelation by researchers as "Hackers have co-opted AlienSpy; a remote access tool (RAT), to deliver Citadel banking Trojan and create backdoors inside several critical infrastructure operations."

Darkreading.com published news on 8th April, 2015 quoting security firm Fidelis Cybersecurity Solution as "The Trojan is a more advanced version of prior generations of RATs such as Adwind, Frutas and Unrecom which have been used in criminal operations in recent years. Among those being aimed are individuals and business houses in many industries including financial services, the high-tech, energy sectors and government departments.

Familiar to other malware tools, distribution of AlienSpy is done through phishing electronic mails with subject line which are designed to trick recipients to open them. Many emails pose to contain information linked to some type of financial transactions. Systems which are tainted could end up with additional botnet and data embezzling malware loaded on them.

AlienSpy contains many features along with data gathering from OS version, IP, RAM info, computer name), video and audio captures, uploading and executing files, stealing browser-stored passwords, remote desktop management and keylogging.

The researchers found that the latest version of RAT also includes analysis evasion capabilities like terminating activity of several antivirus and security tools, sandbox detection and encrypted communication with command and control (C&C) server.

Membership for AlienSpy packages are sold for $20 to $220 (18.5 Euro - 203 Euro) depending on the number of modules the buyer wants to buy.

Currently limited antivirus products can detect RAT (AlienSpy). Fidelis defined the abilities of the malware tool much more advanced than what was available with the previous editions remote access malware tools.

AlienSpy works on all major desktop platforms (Mac, Windows and Linux) and also has the support for the operating system of Android to which cybercriminals are attracted more.

Fidelis recommends that enterprises should inspect attachments .jar first before allowing users to handle them.

Threatpost.com reported on 8th April, 2015 quoting Fidelis as "You may not want personnel in HR, Finance or Executive office receiving emails with executable file attachments or archives containing executable files which may put them at risk."

» SPAMfighter News - 4/15/2015

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next