Cridex Trojan breaks CAPTCHA, targets Facebook, Twitter users

Wednesday, February 1, 2012


A variant of a banking Trojan known as Cridex can communicate with a CAPTCHA-breaking server in order to establish malicious email accounts. Researchers at Websense Security Labs posted a video documenting how Cridex broke a CAPTCHA test and opened a Yahoo email account in six attempts.


The Cridex network grows as it infects new machines via malicious emails. The emails contain links to a BlackHole exploit kit, which attacks vulnerabilities in Web browsers and plug-ins. If successful, the kit downloads Cridex onto the machine.

Cridex is a data-stealing Trojan that is similar to Zeus in the way it operates: It logs content from Web sessions and alters them to harvest information from the infected user, according to the Websense Security Labs blog.

Cridex targets information from platforms like Facebook, Twitter and several online banking services. That data is then sent to a remote server.

Finally, it uses the infected machine to grow the size of the bot.

According to Websense, the Trojan opens Web sessions to online mail services and registers new email accounts that are later used by the bot to send spam/malicious emails.

Cridex cannot run without a successful attack by the Black Hole exploit kit. Machines with updated Web browsers and applications, as well as the latest antivirus software, should be protected, Websense said.

