If you were upset in the past by the severity of well-known banking Trojan such as Zeus and Carberp, at least you have an idea about the scope of devastation that these kinds of malware can wreak upon the financial institution.
Now a very fresh Trojan called Pandemiya which, from all indications discovered by security researchers, has the same intensity as those mentioned above is on the rise, and it will only be a matter of time before it becomes a full-blown malware that is capable of disturbing the financial institution even further, as banking Trojans are known for.
RSA Security recently disclosed that hacker forums are giving much attention now to the malware as their next tool for launching attacks against banks with the same or much greater magnitude as they did when they used the Zeus variants in the past.
For $2,000, hackers can gain access to Pandemiya’s source code, obtaining the technology for thwarting the detection and monitoring systems of most anti-malware tools. The only that is needed to execute the attack is a set of encrypted command and control servers, then attackers are good to go. Plus, bad actors are able to enhance the malware with additional malicious features that boost the Trojan’s operations through fresh .dll files.
RSA explains that Pandemiya is new, something whose scale of attack is unprecedented, therefore we have yet to see how it impacts target networks and machines. And since it is still in its inception, we can expect that more improved versions of the malware will sprout like mushrooms in the future, creating an even riskier environment for businesses that rely on cyber space.
The malware was spotted just days after the GameOver Zeus botnet was taken down by authorities. So it appears it is taking the place of Zeus, another old banking malware that is not related to Pandemiya.
Security experts are of the same opinion that the inspiration behind developing an entirely new malware such as Pandemiya is to avert existing detection mechanisms of security software products, which are developed using data about previous iterations of a known Trojan, as in the case of Zeus which has gone through various versions through the years.
And the strategy works. Now security providers will have to shell out huge of sum to invest in research and development projects to counter the Pandemiya threat. Nonetheless, Pandemiya is built to use existing means of spreading infection, such as drive-by download attacks, social engineering, exploit kits, and many others that security providers might not have trouble analyzing the threat.
