New Bugat Trojan, in A Better-Hidden Version, Emerges

According to security researchers at Trusteer, the Bugat Trojan which steals financial data has been found afresh as it carries out Internet fraud. Lately, during a phishing scam, perpetrators have been distributing Bugat via attacks against LinkedIn users, although the scam was generally thought as attempting to contaminate computers using the more usual Zbot/Zeus Trojan.

Apparently, cyber-criminals, while spreading this fresh Bugat have been trying to use different tools for attack through a medium which's not so familiar to Web-surfers and thus more difficult to identify as well as block.

The attack, during the first week of October 2010, distributed e-mails to LinkedIn members telling that their accounts had pending messages. Additionally, it distributed a fake web-link, which led users onto a site where a JavaScript downloaded and executed the Bugat malware.

Say the security researchers that there's a likeness between Bugat and the more familiar financial Trojans Clampi, Gozi and Zeus. It (Bugat) attacks Firefox and Internet Explorer browsers as well as seizes information when Web-surfers engage in Internet banking transactions.

State the experts at Trusteer that there's a threefold commonality of Bugat in USA compared to Europe, however, it is not so widely distributed. Net-Security reported this on October 12, 2010.

The computer security company Trusteer, which's privately owned, cautions that as lately, concentration by industry players has been on Zeus, the act is enabling other Trojans such as SpyEye, Carberp and Bugat that are equally advanced though less popular to easily evade identification. ComputerWeekly reported this on October 12, 2010.

Explaining further Trusteer's alert, CTO Amit Klein of the security company said that Bugat was one of those Trojan families, which Zeus had overshadowed. Besides, the latest phishing scam targeting LinkedIn distributed Bugat too, not merely Zeus like a few specialists had thought.

In addition Klein explained that Trusteer detected Bugat as proliferating through the phishing assaults, while malevolent payloads were getting plentifully distributed, however, the malware that the company's researchers repeatedly witnessed was Bugat. DarkReading reported this on October 12, 2010.

Conclusively, specialists anticipate that the aforementioned not-so-familiar financial malware will ultimately rise in popularity and substitute Zeus.

Related article: New Zealand Releases Code To Reduce Spam

» SPAMfighter News - 10/22/2010