AOH :: ISNQ6002.HTM

New BlackEnergy Trojan Targeting Russian, Ukrainian Banks




New BlackEnergy Trojan Targeting Russian, Ukrainian Banks
New BlackEnergy Trojan Targeting Russian, Ukrainian Banks



http://www.darkreading.com/security/vulnerabilities/showArticle.jhtml?articleID=223101487 

By Kelly Jackson Higgins
DarkReading
March 04, 2010 

SAN FRANCISCO -- RSA Conference 2010 -- Russian hackers have written a 
more sophisticated version of the infamous BlackEnergy Trojan associated 
with the 2008 cyberattacks against Georgia that now targets Russian and 
Ukrainian online banking customers.

Joe Stewart, a security researcher with SecureWorks, says Russian 
hackers are using the Trojan spread via the BlackEnergy botnet to hit 
Russian and Ukrainian banks with a two-pronged attack that steals their 
customers' online banking credentials and then wages a distributed 
denial-of-service (DDoS) attack on the banks as a cover: "They may be 
emptying the bank accounts while the banks are busy cleaning up from the 
DDoS," Stewart says.

Dubbed by Stewart as "BlackEnergy 2," this new version of the Trojan is 
a full rewrite of the code that features a modular architecture that 
supports plug-ins that can be written without access to its source code. 
It currently comes with three different DDoS plug-ins, as well as one 
for spamming and two for online banking fraud, according to Stewart.

And with the ability to target users in Russia and the Ukraine, 
BlackEnergy 2 is a departure from the tradition where many Russian 
hackers won't target their fellow countrymen or those from other former 
Soviet Republic countries. "The rules have changed," Stewart says. 
"There was once an unwritten rule that they didn't attack their own 
banks."

[...]


___________________________________________________________
Register now for HITBSecConf2010 - Dubai, the premier 
deep-knowledge network security event in the GCC, 
featuring keynote speakers John Viega and Matt Watchinski! 
http://conference.hitb.org/hitbsecconf2010dxb/ 



Site design & layout copyright © 1986-2014 CodeGods