eWEEK – Crimeware Kit Targeting Mac OS X Mimics Zeus and Spyeye Features

Security researchers came across a new malware toolkit that allows criminals to develop malware specifically for Mac OS X that uses the same templates as Zeus and Spyeye.

Danish security researchers came across a new crimeware kit, for sale on several underground forums, that purports to create malware targeting the Mac OS X platform.

The $1,000 kit is being sold on a few “closed” underground forums under the name “Weyland-Yutani Bot,” Peter Kruse, a partner and security specialist for Danish IT firm CSIS Security Group, wrote on the company blog May 2. The “first ever” kit for Mac malware comes with the ability to grab data entered into a Firefox Web browser, Kruse wrote. Chrome and Safari versions are expected soon, as are versions that will target Apple’s iPads and Linux systems.

“Detailed information about this crimeware kit is not being leaked publicly and the authors of the kit are obviously trying to stay below the radar allowing only vetted users of the forums to see most of the content,” Kruse wrote.

Malware developers are increasingly monetizing their malicious code by selling do-it-yourself toolkits to other cyber-criminals. Zeus is one of the better-known Trojans available on the black market as a toolkit, which has resulted in multiple gangs operating autonomous Zeus botnets to steal banking information.

These crimeware kits allow practically anyone to set up a fairly sophisticated attack portal and launch a malicious campaign without needing a lot of development expertise or know-how. Criminals can also modify existing kits and turn around and sell customized versions to others, creating even more variants.

The prevalence of these fairly affordable toolkits is directly responsible for the rise in Web-based attacks, according to a recent Cyber-Security Risks Report from HP DVLabs. Other popular kits include Phoenix, NeoSploit, Nukesploit and Blackhole, according to a Symantec report.

Read more: eWEEK

