Tuesday 23 August 2011

Rammnit Adapts To Zeus

In the latest malware news, the file infecter known as Rammnit gets an upgrade. The writers and creater(s) of Rammnit has adapted the Zeus code into it's coding, and this is just the first step in the evolution of newer infections.

Earlier this year we saw the Zeus source code released online, followed by SpyEye code being released online, and so far Rammnit is the first to take advantage of this and the creators added Zeus into Rammnits source code, all in the name of financial gain.

The malware scene and writers make millions from online fraud everyday, and as we saw, Zeus and SpyEye was widespread and very successful in what the infection was made to do, now with Zeus/SpyEye being released online, it's given malware writers a new base and platform for them to build around and possibly upgrade, and it just makes it easier for malware writers to create new malware with new techniques.

Sure, right now a lot would say TDL4 (as far as fixable infections go) is still the most dangerous as it's hiding in the MBR, one of the most dangerous areas of a machine to play with, but the point I'm making is that making malware nowadays with all the tools appearing online and in underground communities, it's not hard to do.

It wouldn't suprise me if we DID see more malware taking on the likes of Zeus into their code, and this can only result in more new and dangerous malware appearing.

No comments:

Post a Comment