MalwareIntelligence is a site dedicated to research on all matters relating to anti-malware security, criminology computing and information security in general, always from a perspective closely related to the field of intelligence.

10.2.10

SpyEye Bot. Analysis of a new alternative scenario crimeware

Earlier this year saw the light in the underground black market that moves the axes of crimeware, a new application designed to provide feedback for criminal and fraudulent business.

This application, called SpyEye, is aimed at facilitating the recruitment of zombies and managing your network (C&C - Command and Control) through management panel via the web, from which it is possible to process the information obtained (intelligence) and stored in statistics, a common activity of criminal packages today.

Depending on their characteristics, very similar to those proposed by his counterpart ZeuS, SpyEye is presented as a potential successor to this within the scenario crimeware. Furthermore, it is evident that the criminal activities now represent a large business where cyber criminals and would-be cyber criminals abuse their "kindness".

This document describes the activities of SpyEye from the stage of infection giving relevant information about their purpose.

The full document can be downloaded from:

Spanish version
English version

Related information
Compendio Anual de InformaciĆ³n. El crimeware durante el 2009
SpyEye Bot. New bot on the market

Jorge Mieres

2 comentarios:

Anonymous said...

It has been proven that spyeye can successfully transfer money from accounts using two-factor authentication, such as banks using pin number generators. So people using pin calculators for their e-banking should also be extra carefull.
The possible solution is fingerprint e-banking which is not very common yet.

Anonymous said...

yep, there is a full scale attack on norwegian banks at the moment. all of which use two factor authentication

Post a Comment