New Version of the Kronos Banking Trojan Discovered

Trojan

Trojan discovered of new version of the Kronos

Trojan is a type of malware that is often disguised as legitimate software. Trojans can be employed by cyber-thieves and hackers trying to gain access to users’ systems. Users are typically tricked by some form of social engineering into loading and executing Trojans on their systems. Once activated, Trojans can enable cyber-criminals to spy on you, steal your sensitive data, and gain backdoor access to your system.

A new version of the Kronos banking trojan is making the rounds, according to Proofpoint security researchers, who say they’ve identified at last three campaigns spreading a revamped version of this old trojan that had its heyday back in 2014.

While initial samples appeared to be tets, real-life campaigns got off the ground in late June, when researchers started detecting malspam and exploit kits delivering this new version to users in the wild.

 

Trojan

 

Campaigns targeted Germany, Japan, Poland

 

Proofpoint reports spotting three campaigns and one test run, targeting users of German, Japanese, and Polish banks.

Proofpoint reports an extensive code overlap between the 2018 and 2014 versions. Similarities include that the 2018 version uses the same Windows API hashing technique and hashes, the same string encryption technique, the same C&C encryption mechanism, the same C&C protocol and encryption, the same webinject format (Zeus format), and a similar C&C panel file layout.

But the two versions are not identical. The main difference is that the 2018 edition uses Tor-hosted C&C control panels.

 

Proofpoint

 

Kronos 2018 edition could be new Osiris trojan

 

Researchers say that at the same time this new Kronos variant started appearing on their radar, a malware author started advertising a new banking trojan on hacking forums that he referred to as Osiris.

Proofpoint researchers did not manage to get their hands on a sample of this new Osiris malware, but they say the ad perfectly described the Kronos 2018 edition.

The biggest clue is that the author of this new trojan claims his trojan is only 350 KB in size, which is close to the (351 KB) size of an early Kronos 2018 edition sample researchers found in April. Coincidentally or not, that sample was named os.exe, presumably from Osiris, albeit not confirmed.

 

Osiris

 

 

 

Highest Selling Technical Courses of Indian Cyber Security Solutions:

Certified Ethical Hacker Training in Bhubaneswar

Ethical Hacking Training in Bhubaneswar

Certified Ethical Hacker Training in Bangalore

Ethical Hacking Training in Bangalore

Certified Ethical Hacker Training in Hyderabad

Ethical Hacking Training in Hyderabad

Python Training in Bangalore

Python Training in Hyderabad

Python Training in Bhubaneswar

Microsoft Azure Training in Hyderabad

Microsoft Azure Training in Bangalore

Microsoft Azure Training in Bhubaneswar

Networking Training in Bangalore

Networking Training in Hyderabad

Networking Training in Bhubaneswar

Advance Python Training in Hyderabad

Advance Python Training in Bangalore

Advance Python Training in Bhubaneswar

Amazon Web Services Training in Hyderabad

Amazon Web Services Training in Bangalore

Amazon Web Services Training in Bhubaneswar

Certified Ethical Hacker Certification – C | EH v10

Computer Forensic Training in Kolkata

Summer Training for CSE, IT, BCA & MCA Students 

Network Penetration Testing training

Ethical Hacking  training

Internet Of Things Training

Internet Of Things Training Hyderabad

Embedded System Training

Digital Marketing Training

Machine Learning Training

Python Programming training

Android Training in Bangalore

Android Training in Hyderabad

Android Training in Bhubaneswar

Diploma in Network Security Training

Android Development  training

Secured Coding in Java

Certified Network Penetration Tester 

Diploma in Web Application Security 

Certified Web Application Penetration Tester 

Certified Android Penetration Tester 

Certified Python Programming 

Advance Python Training 

Reverse Engineering Training  

Amazon Web Services Training  

VMware Training 

 

Cybersecurity services that can protect your company:

Web Security | Web Penetration Testing

Network Penetration Testing – NPT

Android App Penetration Testing

Source Web Development

Source Code Review

Android App Development

Digital Marketing Consultancy

Data Recovery

 

Other Location for Online Courses:

Bhubaneswar

Bangalore

Hyderabad


Show Buttons
Hide Buttons