September 28, 2016

SpyEye Tracker

Abuse.ch has launched a new project, SpyEye Tracker. According to the project website, SpyEye Tracker is similar to the ZeuS Tracker, but it tracks and monitors malicious SpyEye Command & Control servers rather than ZeuS Command & Control servers.

SpyEye Tracker provides blocklists in different formats (e.g. for Squid Web-Proxy or iptables) to prevent infected clients from accessing the Command & Control servers.
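As an added example (not code from Abuse.ch or the tracker), the sketch below shows how a defender might validate a blocklist feed before turning it into iptables and Squid rules. The one-entry-per-line feed format, the chain name `C2BLOCK` and the ACL name `c2_block` are assumptions, and the sample feed is constructed.

```python
import ipaddress
import re

SAMPLE_FEED = """\
# constructed sample feed, one entry per line (not real tracker data)
203.0.113.10
198.51.100.0/28
c2.example.net
10.0.0.5
bad entry; rm -rf /
203.0.113.10
"""

INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]
DOMAIN = re.compile(r"^(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$")

def parse_feed(text):
    """Split a feed into (IPv4 networks, domains, rejected entries)."""
    nets, domains, rejected = set(), set(), []
    for raw in text.splitlines():
        entry = raw.split("#", 1)[0].strip().lower()
        if not entry:
            continue
        try:
            net = ipaddress.ip_network(entry, strict=False)
        except ValueError:
            # Not an address: keep only strict hostnames, so metacharacters
            # in a feed line never reach a generated rule file.
            (domains.add if DOMAIN.match(entry) else rejected.append)(entry)
            continue
        # Refuse IPv6 (out of scope here) and internal ranges a bad feed could cut off.
        if net.version != 4 or any(net.overlaps(i) for i in INTERNAL):
            rejected.append(entry)
        else:
            nets.add(net)
    return sorted(nets), sorted(domains), rejected

def render_iptables(nets, chain="C2BLOCK"):
    """iptables-restore fragment; the chain name is a hypothetical choice."""
    rules = [f"-A {chain} -d {n} -j DROP" for n in nets]
    return "\n".join(["*filter", f":{chain} - [0:0]", *rules, "COMMIT"]) + "\n"

def render_squid(nets, domains, name="c2_block"):
    """Squid ACLs; the ACL name is a hypothetical choice."""
    acls = [f"acl {name}_ip dst {n}" for n in nets]
    acls += [f"acl {name}_dom dstdomain .{d}" for d in domains]
    deny = sorted({f"http_access deny {a.split()[1]}" for a in acls})
    return "\n".join(acls + deny) + "\n"
```

The iptables fragment can be loaded with `iptables-restore --noflush` and takes effect once the FORWARD or OUTPUT chain jumps to it; in Squid, the `http_access deny` lines must come before any allow rules.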

SpyEye Tracker could help ISPs, CERTs and law enforcement track malicious SpyEye Command & Control servers to combat cyber criminals.

Source: [https://spyeyetracker.abuse.ch]

Command and Control Network of Zeus 2 Botnet

Security researchers have uncovered the command and control network of a Zeus 2 botnet sub-system targeted at UK surfers that controlled an estimated 100,000 computers.

Cybercrooks based in eastern Europe used a variant of the Zeus 2 cybercrime toolkit to harvest personal data – including bank log-ins, credit and debit card numbers, bank statements, browser cookies, client-side certificates, and log-in information for email accounts and social networks – from compromised Windows systems.

Trusteer researchers identified the botnet’s drop servers and command and control centre before using reverse engineering to gain access to its back-end database and user interface. A log of IP addresses used to access the system, presumably by the cybercrooks that controlled it, was passed by Trusteer to the Metropolitan Police.

Read the full article here.

Source: [TheRegister]