MalwareDisasters is a division of MalwareIntelligence. In the same test information is captured about the behavior of malicious code, and also offering the necessary countermeasures to mitigate the malicious actions in question.

2.24.2010

SpyEye Bot (Part two). Conversations with the creator of crimeware

In recent weeks, SpyEye (a new financial trojan) has been the talk of many for the positive acceptance was so in the underground scene due to its balance about cost/benefit, and the great impact that achievement to whiten the features in its latest version that allows systems to eliminate the activities of your competition: ZeuS.

Our previous report, “SpyEye. Analysis of a new crimeware alternative scenario,” addressed known technical issues involving the activities of this threat.

In this second part we present the exclusive interview by Ben Koehl, Crimeware Researcher of Malware Intelligence. Through interviews with the creator of crimeware, we reveal information that shows some of the thought process and brains behind the creator of SpyEye. We also see the source code for the Zeus Killer addition.

The way that Gribodemon thinks is not unique anymore in the cybercrime world. We are seeing individuals and groups becoming more specialized in the services they provide and are no longer spreading themselves thin. There are many industries within the cybercrime world. From coding to infrastructure support to public relations.

There was a large language barrier between me and the author so I had to keep the questions short and basic so his translator program could handle them (Lingvo.) We broke up the conversation in pieces to make it flow better to the reader.

This document can be downloaded from:

English version
Spanish version

Related information
SpyEye Bot. New bot on the market
Compendio Anual de Información. El crimeware durante el 2009

Jorge Mieres

Ver más

2.10.2010

SpyEye Bot. Analysis of a new alternative scenario crimeware

Earlier this year saw the light in the underground black market that moves the axes of crimeware, a new application designed to provide feedback for criminal and fraudulent business.


This application, called SpyEye, is aimed at facilitating the recruitment of zombies and managing your network (C&C - Command and Control) through management panel via the web, from which it is possible to process the information obtained (intelligence) and stored in statistics, a common activity of criminal packages today.

Depending on their characteristics, very similar to those proposed by his counterpart ZeuS, SpyEye is presented as a potential successor to this within the scenario crimeware. Furthermore, it is evident that the criminal activities now represent a large business where cyber criminals and would-be cyber criminals abuse their "kindness".

This document describes the activities of SpyEye from the stage of infection giving relevant information about their purpose.

The full document can be downloaded from:

Spanish version
English version

Related information
Compendio Anual de Información. El crimeware durante el 2009
SpyEye Bot. New bot on the market

Jorge Mieres

Ver más