Experts at IBM discovered a new variant of Citadel banking malware which includes different remote management tools to maintain persistence on victims’ PC.
Researchers at IBM discovered a new variant of the Citadel banking malware which includes a new interesting feature that allows attackers to maintain persistence in the victim’s machine through remote management tools.Citadel is directly derived from the popular Zeus banking Trojan, in June 2013 Microsoft and the FBI carried out takedowns that eradicated more than 1,400 botnets (nearly 88% of overall Citadel botnet) associated with this malware.
The new variant of Citadel detected by the experts is integrated with VNC and other remote management tools exploited by the attackers to remotely control victim machines, even after the malware has been detected and removed.
Full Article