Fresh Data-Stealing Trojan, Kronos Identified
As per Trusteer, one fresh PC-Trojan, going by the name Kronos, created for seizing login credentials as well as more financial details entered onto Internet banking websites, has become widely known through increased canvassing on secret crime forums.
Senior Fraud Prevention Strategist Etay Maor of Trusteer states that one recent advertisement observed on one Russian cyber-criminals website promotes Kronos. The malware is capable of capturing credentials during Web-browsing activities within Google's Chrome, Mozilla's Firefox and Microsoft's Internet Explorer. For the purpose, it utilizes HTML injection and form-grabbing methodologies, Maor explains. Pcworld.com published this, July 14, 2014.
Kronos, as per the advertisement, matches well with HTML injection scripts developed for the notorious Internet-banking Trojan ZeuS, now not being developed any more. The design choice has been made for letting cyber-criminals who continue to employ Zeus within their activities towards shifting onto Kronos without difficulty.
Alongside the info-stealing abilities, Kronos features one user-mode rootkit that suitably attacks 64-bit and 32-bit Windows computers, while safeguards the Trojan's processes from any other rival malware on the systems.
According to Kronos' creators via certain post on the underground forum, the Trojan carries a license so long as it'll exist for which it's priced $7,000 payable through Perfect Money, Bitcoin, the BTC-E exchange for Bitcoin/Litecoin, or WMZ. It also has bug fixes and updates for free, however, clients will require obtaining freshly-developed modules through separate payments, they explain.
To conduct a promotional campaign for the Trojan, Kronos' sellers further offered buyers 7 days' testing time for $1,000 during when they would get complete access to Kronos' regulatory panel.
Highlighting the most worrying facet about the Trojan, Senior Security Strategist George Tubin of Trusteer pointed to the Kronos tactics of eluding security measures, particularly anti-virus software. SCMagazine.com published this, July 14, 2014.
Moreover, it's anticipated that Kronos will employ one injection method undetectable by anti-virus, along with encrypted command-and-control interactions whose malicious traffic will remain invisible to researchers.
Now, one must wait and see whether this new malware turns out real and if there'll be a widespread adoption of it by cyber-criminals, in the phase of it presently being highly costly malicious software.
ยป SPAMfighter News - 7/24/2014