It’s called the Limbo 2 Trojan, and for a fee it will evade Symantec, McAfee, AVG, and others to perform live hijacks of banking sessions. Software security company PrevX discovered this custom-built Trojan, which is ‘guaranteed’ by criminals to avoid detection by the top-ten security software products on the market. Criminals selling personalized versions of the Trojan are seeing huge demand for this advanced piece of malware, with each copy selling for $1,300 USD.
For Sale: Trojan, will beat top 10 AV vendors $1300 firm. (IMG:J.Anderson)
The strength of Limbo 2 lies in its highly changeable shell, which criminals are customizing for each new customer. This allows it to stay undetected by anti-virus companies as long as no blanket signature can block it. While the payload and end result are the same, this pliable cloak has practically unlimited variants.
According to PrevX, each variant sold is built anew and has to be customized to incorporate the domain to which all the information is to be sent back. These are then sold on to Web sites or botnets to infect individuals.
Limbo 2 uses sophisticated techniques to steal financial information and hijack live banking sessions. It not only logs the keystrokes the user enters, but also adds spoofed information boxes that ask users to enter more information than usual.
This and other information, such as password log-ins, credit card details, e-mail details, and any other personal information stored on the hard drive, are all filtered back to the individual owner, PrevX said.
Jacques Erasmus, Director of Malware Research at PrevX, said: “This is one of the most dangerous Trojans out there at the moment. The strength of this piece of Malware lies in its versatility, even if it is recognized by an anti-virus company it can be changed [so it’s] invisible again within hours… Whoever designed this Trojan is making a lot of money, probably thousands of pounds every day.”
Now the trick would be to see if this Trojan is still alive and kicking six months from now, and this time next year. This is not the first Trojan that, for a price, can remain 'hidden,' but most of the others have fallen out of use or are easily detected.
However, malware kits, and tools designed to create payloads on the fly, are becoming a nuisance.