CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
May 15th, 2008

Botnet Kit And Service Offered To Non-Techies

Non-techie fraudsters are being offered a service that offers an all-in-one hosting server with a built-in Zeus trojan administration panel and infecting tools, allowing them to create their own botnet. The exploit package allows fraudsters to easily infect users and grow a botnet of compromised machines, and boasts an easy to use web hosting control panel that can be used by virtually anyone.

A new recently traced service also offers access to a hosting server with a built-in Zeus trojan administration panel and infection tools. The service includes all of the required stages in a single package, meaning that all the fraudster now has to do is pay for the service, access the newly-hired Zeus trojan server, create infection points and start collecting data.

Fraudsters who execute Zeus attacks simply need to take control of a compromised server or have their own back-end servers; once they have a server in place, they merely need to install the Zeus administration panel, create a user name and password, and start launching their attacks. Those offering the Zeus package are mirroring what legitimate security vendors are offering, security-as-a-service, but in their case they are slinging malware-as-a-service.

EMC’s security division, the RSA Anti-Fraud Command Centre (AFCC), cited an increase in the use of the Zeus trojan in attacks against financial institutions in its April online fraud report, claiming the trojan is extremely user friendly and easy to operate. What Zeus means is that you are buying a service with traditional software support and maintenance, so you can go about your business without updating and patching.

The Zeus trojan is designed to perform advanced key logging when infected users access specific web pages. The information it collects is encrypted when it is sent to the collection point, and can be communicated over SSL encryption.

Share this item with others:

More on CyberInsecure:
  • Botnet Spams 60 Billion Emails A Day
  • BBC Website Hit By DDoS Attack
  • Storm Botnet Is Behind 20 Percent Of Internet Spam
  • Mass Injection At Media Temple Hosting Leads To Web Exploit Kit
  • Massive Botnet DDoS Attack Hits Mininova.org

    • Posted in Malware, Trojans & Worms | Print This Post Print This Post

    This entry was posted on Thursday, May 15th, 2008 at 4:28 am and is filed under Malware, Trojans & Worms. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Botnet Kit And Service Offered To Non-Techies

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.

    « «
    » »