Malware Tools Get Smarter To Nab Financial Data
New versions of the Gh0st RAT Trojan -- believed to be used by China -- and the Citadel cybercrime kit both advance the malicious state of the art
If you've got $3,931 burning a hole in your pocket, speak Russian, and want to invest in a crimeware toolkit, you're in luck.
That's the price for the latest version of the Citadel malware, code-named Rain Edition (188.8.131.52), which includes all of the latest malware mod cons: advanced Firefox and Chrome data-stealing plug-ins, advanced Web injection techniques to modify code on targeted websites, and easier updating for Trojan files that have been used to infect PCs. The malware also sports infection analytics and an easy-to-use, browser-based interface for running the command-and-control (C&C) infrastructure that sends instructions to infected PCs in the botnet and retrieves stolen data.
Of course, that's assuming you could even obtain a copy of Citadel. "Getting your hands on Citadel is more difficult because of a stricter validation process within the Russian underground," said Jerome Segura, a senior security researcher at Malwarebytes, in a blog post. "The makers of Citadel are trying to keep a low enough profile to avoid gathering too much attention which could result in efforts to go after them -- as we have seen with Zeus." Accordingly, it's only available on selected Russian-language underground forums....