Citadel V1.3.5.1: enter the fort’s dungeons

From Botnets.fr


Botnet: Citadel
Date: 2012 / 2012-10-18
Editor/Conference: RSA
Link: http://blogs.rsa.com/rsafarl/citadel-v1-3-5-1-enter-the-forts-dungeons/ (Archive copy)
Author: Limor Kessem

Abstract

The recent feature was christened under the name “Dynamic Config,” a technology implemented in Citadel v1.3.5.1 (“Rain Edition”) enabling botmasters smoother, quicker interactions with the victim through browser injection technology. Today’s fraud happens in real time, so speed is of the essence. This nifty function allows Trojan operators to create web injections and use them on the fly, pushing them to selected bots without the hassle of pushing/downloading an entire new configuration file.

Bibtex

 @misc{Kessem2012BFR1182,
   editor = {RSA},
   author = {Limor Kessem},
   title = {Citadel V1.3.5.1: enter the fort’s dungeons},
   date = {18},
   month = Oct,
   year = {2012},
   howpublished = {\url{http://blogs.rsa.com/rsafarl/citadel-v1-3-5-1-enter-the-forts-dungeons/}},
 }