Difference between revisions of "Trojan.Prinimalka: bits and pieces"
Jump to navigation
Jump to search
m (Text replacement - " ddos.arbornetworks.com" to "") |
|||
(One intermediate revision by the same user not shown) | |||
Line 1: | Line 1: | ||
{{Publication | {{Publication | ||
|Link=http://ddos.arbornetworks.com/2012/10/trojan-prinimalka-bits-and-pieces/ | |Link=http://ddos.arbornetworks.com/2012/10/trojan-prinimalka-bits-and-pieces/ | ||
|Author=Dennis Schwarz | |Author=Dennis Schwarz | ||
|NomRevue=The Arbor Networks Security Blog | |NomRevue=The Arbor Networks Security Blog |
Latest revision as of 18:49, 8 February 2015
(Publication) Google search: [1]
Trojan.Prinimalka: bits and pieces | |
---|---|
Botnet | Prinimalka, Gozi |
Malware | |
Botnet/malware group | |
Exploit kits | |
Services | |
Feature | |
Distribution vector | |
Target | |
Origin | |
Campaign | |
Operation/Working group | |
Vulnerability | |
CCProtocol | |
Date | 2012 / 2012-10-29 |
Editor/Conference | Arbor Networks |
Link | http://ddos.arbornetworks.com/2012/10/trojan-prinimalka-bits-and-pieces/ (Archive copy) |
Author | Dennis Schwarz |
Type |
Abstract
“ Trojan.Prinimalka is a banking trojan associated with an attack campaign that received quite a bit of press in October 2012. “Project Blitzkrieg” is “a new cybecriminal [sic] project aimed at recruiting 100 botmasters to help launch a series of lucrative online heists targeting 30 U.S. banks. The Trojan installs a proxy on the victim host and then sends system/web browser details back to the C&C. The botmasters can use this setup to “spoof” banking requests as the unsuspecting banking user.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2012BFR1196, editor = {Arbor Networks}, author = {Dennis Schwarz}, title = {Trojan.Prinimalka: bits and pieces}, date = {29}, month = Oct, year = {2012}, howpublished = {\url{http://ddos.arbornetworks.com/2012/10/trojan-prinimalka-bits-and-pieces/}}, }