• Skip to primary navigation
  • Skip to main content
  • Skip to footer
  • Home
  • Advertise With Us
  • Contact
  • Cookie Policy
    • Privacy statement (CA)
    • Cookie policy (CA)
    • Privacy statement (UK)
    • Cookie policy (UK)
    • Privacy statement (US)
    • Do Not Sell My Personal Information
    • Privacy statement (EU)
    • Cookie policy (EU)
    • Disclaimer

TechWalls

Technology News | Gadget Reviews | Tutorials

  • Reviews
  • Tech News
  • Tech Guide
  • Gadget & Apps

Kronos Trojan that steals browsing session credentials seen in black market ad

Updated on Jul 17, 2014 by Guest Authors

Those who are hoping to see the ultimate end of further Trojan variants building up on Zeus are in for a big frustration after security researchers from Trusteer, an IBM subsidiary, spotted a fresh malware that scrapes off log-in credentials and online banking information being flaunted in a black market forum.

Kronos is designed to target browsing sessions in Internet Explorer, Mozilla Firefox and Google Chrome and steal the log-in details of users, as portrayed on the Russian cybercriminal forum ad. It further explains that the banking Trojan employs such malicious techniques as form-grabbing, HTML content injection and Web injects for the theft.

kronos-trojan

One can recall that the Web injecting technique had been a popular strategy of cyber criminals who used the Zeus Trojan during its popularity before it was busted by authorities and its development stunted.

Accordingly, cyber criminals can smoothly transition to the Kronos Trojan using Zeus variants in the wild. And while the malware steals browsing session information, Kronos also works to defeat other malware on a computer system because of its user-mode rootkit for 32-bit and 64-bit Windows. As it performs its malicious activity, Kronos also shuns detection of anti-malware software tools and sandbox security systems, according to its developer.

However, that claim could be taken with a grain of salt, from the perspective of some security experts. To say that the Trojan can evade sandbox environments is merely trying to deduce the ocean based on a sample of droplet from it. That is so because the sandbox system comprises a large variety of security methods that have unique ways for catching even perhaps the most evasive virus. It is also highly impossible that a single Trojan such as Kronos, which has never been analyzed yet, could bypass all of sandboxes. And in order for that to be believable, it has to be sold for a princely sum that perhaps not all cybercriminals could afford it, which is not the case for Kronos.

Currently, the creator of Kronos is selling the malware tool for $7,000, inclusive of development services, upgrades and fixes. The price dwarfs that of the other malware, which are sold for only hundreds of dollars. But if the developer’s claims are true, then it is reasonable.

However, the security community and hacker groups alike have yet to verify whether the Kronos Trojan can live up to the publicity made by its creator, who developed the malware using the source code of another popular, but now defunct Trojan, Carberp.

Disclosure: As an Amazon Associate, I earn from qualifying purchases. The commission help keep the rest of my content free, so thank you!

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Footer

SwitchBot Lock Review – Perfect Smart Lock for Renters

BREEZOME JH03 vs JH04 Air Purifier – Which One Should You Buy?

SwitchBot Curtain Smart Electric Motor Review – The Upgraded Version

COLORWING M08F Portable Thermal Printer Review – Requiring No Ink, Toner, or Ribbon

Follow TechWalls

YoutubeFacebookTwitterInstagram

Recent Posts

  • Premiere of the Demo of “EVOLUTION”, Tencent’s First Native Cloud Game, Leading Us to Set Off to the Real World Together
  • VANKYO Leisure 495W and Leisure 470 Pro Projector – New Full-HD Projector Series
  • SwitchBot Lock Review – Perfect Smart Lock for Renters
  • BLUETTI Father’s Day Deals – Power Gears for the Best Dad in the World

Copyright © 2022 · All Rights Reserved