Malware developers embrace open-source

Cyber crooks have embraced the open-source model in the development of banking Trojans following the release of source code for the infamous ZeuS cybercrime toolkit last year.

Multiple variants of a Zeus Trojan called Citadel have emerged over recent weeks. Security firm Seculert reports that the main developers of the software have also created forums where customers of Citadel can suggest new features and modules, report bugs and other errors, or enter into discussion with their fellow e-banking fraudsters. This approach is fuelling development of extremely well-developed malware. New modules and features include support for AES Encryption of malware configuration files, support for security vendor websites blacklisting and technology designed to keep off the radar of Zeus tracking websites. Cybercriminals have embraced open-source malware with the creation of 20 unique botnets using the new Citadel malware. Several of those botnets have infected more than 100,000 machines. Cybercrooks have embraced new trends, for example, the Citadel authors provide their customers with a user manual, release notes and a licence agreement. Original news was published at The Register web site.