Wednesday, May 28, 2014

New Online Banking Trojan Program Combines Zeus and Carberp Features

How sweet is this? Zberp, the new threat, has a wide range of features, and is sure to provide hours of fun and challenges to security mavens.

Commenting on this, Lancope CTO, TK Keanini, said, "Attackers continue to innovate and are not afraid of borrowing techniques from one another. The trend is definitely to leverage toolkits and libraries from each other, as no one bad guy has to code it all himself anymore.

"Another trend is that most of their communication channels are encrypted, so this is bad news for packet inspection tools. Even if you capture terabytes of packets, the payloads are encrypted. This is where NetFlow and IPFIX flow analysis comes in handy because directionality and other behavioural traffic patterns can identify infections even if the channels are using SSL.

"As attackers continue to innovate, it is time that defenders do the same. Get creative, think like the adversary and be creative with your countermeasures. This is exactly what the adversary does not want you to do."
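
The flow-analysis point in the quote above, sketched as an added example (it is not from the original post or from Lancope): using only flow metadata, never payloads, it groups records by conversation and flags ones that are unusually periodic or upload-heavy. The record layout, the sample flows, the function names and the thresholds are all assumptions made for illustration.

```python
from collections import defaultdict
from statistics import mean, pstdev

def sample_flows():
    """Constructed flow records (not real traffic):
    (start_time_s, src_ip, dst_ip, dst_port, bytes_out, bytes_in)"""
    flows = []
    # Workstation A: browsing, irregular timing, download-heavy.
    for t, out, inn in [(5, 900, 48000), (37, 1200, 150000), (41, 700, 9000),
                        (300, 1500, 220000), (1290, 800, 30000), (1310, 650, 12000)]:
        flows.append((t, "10.0.0.21", "198.51.100.7", 443, out, inn))
    # Workstation B: one TLS session about every 300 s, small and upload-heavy.
    for i in range(8):
        flows.append((60 + 300 * i + (i % 2), "10.0.0.34", "203.0.113.50", 443, 5200, 640))
    return flows

def analyze(flows, min_flows=6, max_cv=0.1, min_upload_ratio=0.7):
    """Return {(src, dst, port): [reasons]} for conversations that look automated.

    Thresholds are illustrative assumptions and need tuning per network.
    """
    groups = defaultdict(list)
    for ts, src, dst, port, b_out, b_in in flows:
        groups[(src, dst, port)].append((ts, b_out, b_in))
    findings = {}
    for key, recs in groups.items():
        if len(recs) < min_flows:
            continue  # too few flows to judge timing
        recs.sort()
        gaps = [b[0] - a[0] for a, b in zip(recs, recs[1:])]
        avg_gap = mean(gaps)
        # Coefficient of variation of inter-flow gaps: near 0 means clockwork timing.
        cv = pstdev(gaps) / avg_gap if avg_gap else float("inf")
        sent = sum(r[1] for r in recs)
        received = sum(r[2] for r in recs)
        upload_ratio = sent / (sent + received) if sent + received else 0.0
        reasons = []
        if cv <= max_cv:
            reasons.append("periodic")
        if upload_ratio >= min_upload_ratio:
            reasons.append("upload-heavy")  # directionality: client sends more than it gets
        if reasons:
            findings[key] = reasons
    return findings

if __name__ == "__main__":
    for conv, reasons in analyze(sample_flows()).items():
        print(conv, reasons)
```

Both conversations are on port 443 with encrypted payloads; only the timing and byte direction in the flow records separate them.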