The Hacker News Logo
Subscribe to Newsletter
CrowdSec

The Hacker News - Cybersecurity News and Analysis: Search results for Zeus

White House E-Card Scam Part of Larger Zeus-Related Attack !

White House E-Card Scam Part of Larger Zeus-Related Attack !

January 04, 2011Mohit Kumar
The simplistic spam campaign that hit around Christmas and purported to be a holiday greeting from the White House not only included a piece of Zeus-related malware that searches hard drives for documents and uploads them to a remote server, but also appears to be connected to a similar attack from early 2010 that exposed a nascent botnet. The holiday e-card scam is a typical year-end spam tactic and often will include malware of one type or another. But the latest incarnation was different in that it included a malicious executable related to the Zeus botnet and it seems that officials in a number of government agencies in the U.S. and elsewhere fell for the scam and ended up exposing gigabytes of government documents. One of the executables being used in the e-card attack is nearly identical to a file that was used in a similar attack in February 2010 that was detailed by security firm NetWitness at the time. In the frst stage of the latest attack, the user clicks on a link in the m
Europol Takes Down RAMNIT Botnet that Infected 3.2 Million Computers

Europol Takes Down RAMNIT Botnet that Infected 3.2 Million Computers

February 25, 2015Mohit Kumar
It seems like the world has declared war against the Cyber Criminals. In a recent update, we reported that FBI is offering $3 Million in Reward for the arrest of GameOver Zeus botnet mastermind, and meanwhile British cyber-police has taken down widely-spread RAMNIT botnet . The National Crime Agency (NCA) in a joint operation with Europol's European Cybercrime Centre (EC3) and law enforcement agencies from Germany, Italy, the Netherlands, and the United Kingdom has taken down the Ramnit "botnet", which has infected over 3.2 million computers worldwide, including 33,000 in the UK. Alike GameOver Zeus, RAMNIT is also a ' botnet ' - a network of zombie computers which operate under criminal control for malicious purposes like spreading viruses, sending out spam containing malicious links, and carrying out distributed denial of service attacks (DDoS) in order to bring down target websites. RAMNIT believes to spread malware via trustworthy links se
Where To Buy Your Tools From Hackers ?

Where To Buy Your Tools From Hackers ?

January 20, 2011Mohit Kumar
Software that facilitates the attack by beginners online scammers and the future is big business anarchists, says Karlin Lillington The suites are equipped with new software with all the trappings of modern software now offers: cloud computing hosting, software as a service (SaaS) functions, outsourcing, digital certificates, licenses to prevent piracy, software modules, and provided services and support packages. But the difference between these programs - listed in the Internet Relay Chat rooms, instant chat (IRC) and private online forums - and what it could buy public providers is that they offer more software piracy increasingly sophisticated for simple - young hackers with little ability to write their own computer code. "Lessons learned from large companies legitimate software - such as development practices, techniques and anti-piracy, support and prices - are regularly repeated in the informal economy, in order to increase efficiency and profits, says the safety re
Creators of  SpyEye Virus Sentenced to 24 Years in Prison

Creators of SpyEye Virus Sentenced to 24 Years in Prison

April 21, 2016Swati Khandelwal
In Brief Two International hackers, Aleksandr Andreevich Panin and Hamza Bendelladj, have been sentenced to a combined 24 years and 6 months in prison for their roles in developing and distributing SpyEye banking trojan, a powerful botnet similar to the infamous ZeuS malware. Both hackers were charged with stealing hundreds of millions of dollars from banking institutions worldwide. Masterminds behind the development and distribution of the infamous " SpyEye " botnet have finally been sentenced to a combined total of 24 years and 6 months in prison. Aleksandr Andreevich Panin and Hamza Bendelladj have been sentenced for their roles in developing and distributing SpyEye malware that is said to have caused hundreds of millions of dollars in losses to the financial sector, the U.S. Justice Department said  on Wednesday. SpyEye, a successor to the notorious Zeus banking malware , has affected financial institutions since 2009. Once infected, the malware connects t
Beebone Botnet Taken Down By International Cybercrime Taskforce

Beebone Botnet Taken Down By International Cybercrime Taskforce

April 10, 2015Swati Khandelwal
U.S. and European law enforcement agencies have shut down a highly sophisticated piece of the botnet that had infected more than 12,000 computers worldwide , allowing hackers to steal victims' banking information and other sensitive data. The law enforcement agencies from the United States, United Kingdom and the European Union conducted a joint operation to get rid of the botnet across the globe and seized the command-and-control server that had been used to operate the nasty Beebone (also known as AAEH ) botnet . What's a Botnet? A botnet is a network of large number of computers compromised with malicious software and controlled surreptitiously by hackers without the knowledge of victims. Basically, a "botnet" is a hacker's "robot" that does the malicious work directed by hackers. Hackers and Cyber Criminals have brushed up their hacking skills and started using Botnets as a cyber weapon to carry out multiple crimes such as DDoS attacks
Gameover Malware, variant of ZeuS Trojan uses Encryption to Bypass Detection

Gameover Malware, variant of ZeuS Trojan uses Encryption to Bypass Detection

February 04, 2014Swati Khandelwal
The year begins with the number of new variants of malware that were discovered by various security researchers. The new variants are more complex, sophisticated and mostly undetectable. Two years back in 2012, the FBI warned us about the ' GameOver ' banking Trojan, a variant of Zeus financial malware that spreads via phishing emails. GameOver makes fraudulent transactions from your bank once installed in your system with the capability to conduct Distributed Denial of Service, or DDoS, attack using a botnet, which involves multiple computers flooding the financial institution's server with traffic in an effort to deny legitimate users access to the site. But that wasn't the end; a new variant of the same family of banking Trojan has been discovered by researchers that are being delivered by cyber criminals to users' machines, making it easier for the banking malware to evade detection and steal victim's banking credentials. Malcovery's Gary Warner explains
Arrested 'Happy Hacker' is the ZeuS Botnet Mastermind

Arrested 'Happy Hacker' is the ZeuS Botnet Mastermind

January 11, 2013Mohit Kumar
Last week, Happy Hacker   arrested in Thailand on charges of stealing millions from online bank accounts. According to new reports same hacker alleged as ZeuS Mastermind and used to have the profile of a miscreant nicknamed " bx1 ," a hacker fingered by Microsoft before as a major operator of botnets powered by the ZeuS banking trojan .  He remained smiling throughout a press conference in which Thai police explained that Thailand will seek to extradite Mr Bendelladj to the US state of Georgia, where a court has issued a warrant for his arrest. 24-year-old Algerian Hacker , Hamza Bendelladj   arrested at a Bangkok airport enroute from Malaysia to Egypt. The ZeuS botnet is one of the most notorious in existence, and it's also one that has earned its masters some pretty massive payouts. The Email ID's  daniel.h.b@universityofsutton.com , and danieldelcore@hotmail.com  mentioned by Microsoft in a complaint submitted to the U.S. District Court for the Eastern Distr
Russian Underground Cybercrime market offering sophisticated services

Russian Underground Cybercrime market offering sophisticated services

November 05, 2012Mohit Kumar
Security firm Trend Micro recent analyses the Russian crimeware markets and has found that malware tools and services range from one-time packages which cost just pennies to sophisticated packages and services which cost purchasers thousands of dollars per month. If you want to buy a botnet it will cost you somewhere in the region of $700. If you just want to hire someone else's botnet for an hour, though, it can cost as little as $2. There are at least 20 different types of services offered in Russian-speaking forums for just about anyone who wants to make a buck off of cybercrime, everything from crime-friendly VPN and security software-checking services to plain old off-the-shelf exploits. " As the Russian underground community continuously modifies targets and improves technologies, security companies and users must constantly face the challenge of effectively protecting their money and the information they store in their computers and other devices ," the
A Russian Zeus attacker Sentenced from Million Dollar Fraud

A Russian Zeus attacker Sentenced from Million Dollar Fraud

March 26, 2012Mohit Kumar
A Russian Zeus attacker Sentenced from Million Dollar Fraud  A Russian Hacker, who was part of an elaborate Cyber attack that used Zeus Banking Trojan  in U.S. visas to move cash stolen from U.S. businesses out of the country was sentenced on March 23 to two years in U.S. federal prison. Nikokay Garifulin received a two-year prison term for his involvement in a global bank fraud scheme that used hundreds of phony bank accounts to steal over $3 million from dozens of U.S.accounts that were compromised by malware attacks. According to court documents and statements, Garifulin was part of a cyber bank fraud scheme, backed by Eastern European hackers to steal money from the bank accounts of small and mid-sized businesses throughout the U.S. The cyber attacks included Zeus Trojan, would embed itself in victims' computers and record keystrokes as they logged into their online bank accounts. The hackers responsible for the malware then used the account information to take over the victi
SpyEye Trojan stole $3.2 million from US victims,Android users will be next target !

SpyEye Trojan stole $3.2 million from US victims,Android users will be next target !

September 16, 2011Mohit Kumar
SpyEye Trojan stole $3.2 million from US victims, Android users will be next target ! A Russian cybergang headed by a mysterious ringleader called 'Soldier' were able to steal $3.2 million (£2 million) from US citizens earlier this year using the SpyEye-Zeus data-stealing Trojan, security company Trend Micro has reported and Trusteer reports that an Android variant of Spitmo (SpyEye for mobile) has been discovered. The methodology sounds familiar for those familiar with ZeuS Mitmo and SpyEye Spitmo: infected computers inject a message into targeted netbanks prompting their customers to install software on their phones. Once Spitmo is installed, the SpyEye attacker is able to monitor incoming SMS and to steal MTAN authentication messages. " His botnet was able to compromise approximately 25,394 systems between April 19, 2011 and June 29, 2011. And while nearly all of the victims were located in the US, there were a handful of victims spread across another 90 countries ,"
SpyEye 1.3.45 Download - Loader source code

SpyEye 1.3.45 Download - Loader source code

August 10, 2011Mohit Kumar
SpyEye 1.3.45 Download - Loader source code A new fresh and sophisticated web-based bot named SpyEye is around in the markets and looks like to be the possible successor of the famous Zeus Trojan due to its very interesting features, with the main objective to steal bank accounts, credit cards, ftp accounts and other sensitive data from the victim's computer. SpyEye was written in C++ and the size of the compiled binary is of 60 KB, the operating systems supported are from Windows 2000 to the recent Windows 7, it works in ring3 mode (same as Zeus Trojan). It is sold as undetected from most Antivirus Software and it is invisible from the task managers and other user-mode applications, it hides the files from the regular explorer searches and it hides also its registry keys. Snorre Fagerland, Senior Virus Analyst at Norman, briefly explains what the SpyEye online banking trojan is and what you need to be on the lookout for when banking online. SpyEye is actually sold by its au
Finally Source code of ZeuS Botnet Version: 2.0.8.9 available for Download !

Finally Source code of ZeuS Botnet Version: 2.0.8.9 available for Download !

May 11, 2011Mohit Kumar
Finally Source code of ZeuS Botnet Version: 2.0.8.9  available for Download ! Download Link :  https://www.multiupload.com/P8QUNF4YJN Rar password : zeus Read More :  Complete ZeuS source code has been leaked ! ' The Hacker News ' Magazine -   Social Engineering Edition  - Issue 02 - May,2011 Released ! Download Now
Beware! Don't Fall for FireFox "HoeflerText Font Wasn't Found" Banking Malware Scam

Beware! Don't Fall for FireFox "HoeflerText Font Wasn't Found" Banking Malware Scam

May 05, 2017Wang Wei
The malicious scam campaign, " The 'HoeflerText' font wasn't found ," is back, which was previously targeting Google Chrome users to trick them into installing Spora ransomware on their computers. This time the campaign has been re-designed to target Mozilla Firefox users with a banking trojan, called Zeus Panda , says   Kafeine , a security researcher at Proofpoint. Interestingly, the attackers behind this new campaign are so stupid that they forgot to change the name of the font, i.e. HoeflerText, due to which can be easily spotted. As I previously warned — Next time when you accidentally land up on a suspicious website with jumbled content prompting to update the Firefox or Chrome font pack by downloading a missing text font to read the article… Just don't download it. It's obviously a trap. Just like the previous one, the latest Firefox 'HoeflerText font wasn't found scam is also very convincing and easy to fall for. The attack in
Mirage Anti-Bot 2.0 : Protection against ZeuS, SpyEye Malwares

Mirage Anti-Bot 2.0 : Protection against ZeuS, SpyEye Malwares

February 22, 2012Mohit Kumar
Mirage Anti-Bot 2.0 : Protection against ZeuS, SpyEye Malwares Jean-Pierre aka DarkCoderSc and Fred De Vries Develop and Release the second version of Another great security tool named " Mirage Anti-Bot 2.0 ". Zeus and SpyEye were the two main families of botnet software. These types of malware are spread mainly through drive-by downloads and phishing schemes. They are so-called Trojan horses which are designed to steal credentials from various online services like social networks (such as Facebook, Hi5, Yahoo, Netlog), online banking accounts (phising), ftp-accounts, email-accounts and other. They are part of botnets that are estimated to include millions of compromized computers. Because your antivirus program is not always giving you enough protection against these types of malware, so Experts at https://unremote.org/  create this program for you, that can be used as an extra layer of security. Mirage Anti-Bot will be downloading and installing one or more blocklists
FBI warning about Banking trojan "Gameover"

FBI warning about Banking trojan "Gameover"

January 09, 2012Mohit Kumar
FBI warning about Banking trojan " Gameover " Organized crooks have begun launching debilitating cyber attacks against banks and their customers as part of a smoke screen to prevent victims from noticing simultaneous high-dollar cyber heists. On Friday the FBI issued a warning about a banking trojan named Gameover. It's a new variant of Zeus, a user credential stealing malware that targets online bank users. Zeus has been around for years, and every now and then a new version with a new twist pops up. Gameover has also been implicated in Distributed-Denial-of-Service attacks that temporarily-disable bank websites to draw attention away from fraudulent transactions. Like another Zeus variant, Troj/BredoZp-GY, Gameover uses e-mail spam to propagate, and the safest way to keep Gameover away from your PC is to avoid links and file attachments that are contained in unfamiliar e-mail messages. Experts warn that any interaction with this fake NACHA link can infect your PC with
Fingerprinting the author of the ZeuS Botnet !

Fingerprinting the author of the ZeuS Botnet !

May 12, 2011Mohit Kumar
The source code of the ZeuS Botnet is now available for  Download . Derek Jones  (the author this article) imagine there are a few organizations who would like to talk to the author(s) of this code. All developers have coding habits, that is they usually have a particular way of writing each coding construct. Different developers have different sets of habits and sometimes individual developers have a way of writing some language construct that is rarely used by other developers. Are developer habits sufficiently unique that they can be used to identify individuals from their code? I don't have enough data to answer that question. Reading through the C++ source of ZeuS I spotted a few unusual usage patterns (I don't know enough about common usage patterns in PHP to say much about this source) which readers might like to look for in code they encounter, perhaps putting name to the author of this code. The source is written in C++ (32.5 KLOC of client source) and PHP (7.5KLOC of server
Trojan & Botnet Activities Increased in February-March !

Trojan & Botnet Activities Increased in February-March !

March 05, 2011Mohit Kumar
Trojans were the most prolific malware threat in February-March, and collaboration seems to be the name of the game in malware development and distribution. Trojan-based attacks continue to be the biggest malware threat in February, but PDF exploits aren't far behind, according to several security reports. About 1 in 290 e-mails in February were malicious, making the month one of the most prolific periods for the threats, according to Symantec's February 2011 MessageLabs Intelligence Report. The global ratio of spam in e-mail traffic was 81.3 percent, an increase of 2.7 percent since January, the report found. The recent decline in spam appears to have reversed for the time being, according to the report. There was a lot of botnet activity in February, and the perpetrators appeared to be working together to some extent to distribute Trojans, according to Symantec. There were signs of integration across Zeus, Bredolab and SpyEye, as techniques associated with one malware family w
The new face of cyber crime

The new face of cyber crime

October 31, 2010Mohit Kumar
Today's cyber crime has far-reaching implications for security professionals. Corporate environments are experiencing more cyber crime, and intellectual property is increasingly a target for criminal activity. This is according to Uri Rivner, head of new technologies, identity protection and verification at RSA, speaking during a roundtable at the RSA conference in London this week. He said in the past, cyber crime was a one- man operation – the basement hacker causing mischief. These days, he added, it is an entire economy, run like legitimate businesses with a few obvious exceptions. "Online fraud is divided into two parts – harvesting and cash out," he said. "This translates into those stealing and collecting the data , and those monetising it, cashing in the accounts using the stolen credentials." According to Rivner, it is ridiculously easy to launch a Trojan attack these days, as they can be purchased off the Internet with ease. "A Trojan costs around $
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.