Wednesday, March 9, 2011

SpyEye Botmasters Fight Back – Targeting Swiss Security Site’s SpyEye Tracker

Via RSA Blog -

The RSA FraudAction Research Lab recently discovered evidence of cybercriminal attempts to sabotage the Swiss white hat site, abuse.ch through new plug-ins to the latest SpyEye Trojan variants found in the wild, SpyEye v. 1.3.10. This move is significant in that it shows how fraudsters are eager to damage the non-profit website’s availability and credibility – a sign of the apparent effectiveness of SpyEye Tracker and that it represents more than just a thorn in the side of many Zeus- and SpyEye-toting botmasters.

RSA researchers have found proof that fraudsters are using a DDoS plug-in for the SpyEye Trojan designed to leverage botnets to knock out availability of abuse.ch. In addition, RSA FraudAction researchers found SpyEye config files into which legitimate website domains were deliberately inserted in an attempt to throw off the white hat site’s blocklists.


-----------------------------------------------------------------------------------

KrebsOnSecurity: SpyEye, ZeuS Users Target Tracker Sites
http://krebsonsecurity.com/2011/03/spyeye-zeus-users-target-tracker-sites/

No comments:

Post a Comment