Watch out for CoreBot, new stealer in the wild
(Publication) Google search: [1]
Watch out for CoreBot, new stealer in the wild | |
---|---|
Botnet | CoreBot |
Malware | |
Botnet/malware group | Banking, Stealing |
Exploit kits | |
Services | |
Feature | Domain generation algorithm |
Distribution vector | |
Target | |
Origin | |
Campaign | |
Operation/Working group | |
Vulnerability | |
CCProtocol | |
Date | 2015 / 2015-08-28 |
Editor/Conference | Security Intelligence |
Link | https://securityintelligence.com/watch-out-for-corebot-new-stealer-in-the-wild/ (Archive copy) |
Author | Limor Kessem, Martin Korman |
Type | Blogpost |
Abstract
“ That brings us to CoreBot, a new information stealer discovered and analyzed by IBM Security X-Force researchers, who indicate this is one malware piece to watch out for. CoreBot appears to be quite modular, which means that its structure and internal makeup were programmed in a way that allows for the easy adding of new data theft and endpoint control mechanisms.
CoreBot was discovered while the researchers were studying the activity of malware on Trusteer-protected enterprise endpoints. The malware’s compiled file was named “core” by its developer. Antivirus engines do not specify this malware’s name yet and detect it under generic names such as Dynamer!ac or Eldorado. But while CoreBot may appear artless at first glance, without real-time theft capabilities, it is more interesting on the inside.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2015BFR4775, editor = {Security Intelligence}, author = {Limor Kessem, Martin Korman}, title = {Watch out for CoreBot, new stealer in the wild}, date = {28}, month = Aug, year = {2015}, howpublished = {\url{https://securityintelligence.com/watch-out-for-corebot-new-stealer-in-the-wild/}}, }