Botnet turf war on the horizon
Posted on 10 February 2010.
It seems that one of the predictions for 2010 from Websense's report is likely to come true: bots will be able to detect and actively uninstall competitor bots.

SpyEye is the name of a new toolkit that emerged 2 months ago on Russian underground forums. Its current rate is around $500, and this new competition is probably not seen with a kind eye by other toolkit peddlers.

But what is sure is that it definitely isn't a welcome addition for the Zeus toolkit developers, since Symantec reports that it is set to delete the ever-present Zeus from infected systems.


So far, there isn't much SpyEye activity to be noticed. It has been present only for a couple of months, but has already gone through several versions, acquiring additional capabilities very fast.

And it's this last version that sports the Kill Zeus feature. So far, the features were very similar to that of Zeus - the Trojan was a keylogger, it had autofill credit card modules, made daily email backups, had an encrypted config file, was a ftp protocol grabber, a pop3 grabber, a http basic access authorization grabber, etc.

This capability still remains to be confirmed by security researchers, but if it's true, I can't imagine Zeus creators being very happy. So far, there hasn't been any hint of retaliation, but you may be sure there will be some if SpyEye starts seriously gaining ground. Are we going to witness a new bot war? Time will tell.






Spotlight

Why IT security is broken and how math can save it

Posted on article.php?id=2107  |  Stuart McClure, CEO at Cylance, talks about how the information security industry has evolved when it comes to detecting bad guys, but it's being mostly reactive and not proactive.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Aug 27th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //