12/18/2014 Sara Peters
A compartmentalized botnet with a wide selection of specialized web injects makes it easier to attack bank accounts across the globe.
For the attacker who wants the perfect botnet for their particular target but doesn't want to build it themselves, there is now Vawtrak -- a large botnet that can be broken down into smaller pieces and customized with a wide variety of web injects.
As described in a report released today by SophosLabs, Vawtrek is "apparently being used as part of a Crimeware-as-a-Service (CaaS) business model where the output of the botnet can be adjusted on demand, with financial data effectively being stolen to order."
Vawtrak (also known as NeverQuest and Snifula) is primarily after online bank accounts -- stealing credentials, sneaking around two-factor authentication, accessing accounts, transferring funds, and hiding the activity. It may disable anti-virus. It may install mobile malware. It's adaptable.
Full Article
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.