CARBERP TROJAN
Carberp is a recently (2010) discovered banking Trojan. Although it is not as well known as the currently dominating banking Trojans, such as ZeuS or SpyEye, we can’t simply ignore it due to its powerful capabilities, which may lead it to greater success in the future. The main characteristics of Carberp are:
It comes with three plugins: MiniAV, StopAV and Passw.
MiniAV is a generic mini-antivirus designed to kill specific trojans and other uncategorized, possibly malicious applications that have been heuristically classified as malware. It includes a disinfection mechanism against ZeuS, Adrenalin, Limbo, Barracuda and BlackEnergy. A malicious application containing a built-in mini-antivirus is not something new; we have seen it before with Tatanga as well.
The StopAV plugin's purpose is to take out (kill) various antivirus products, while the Passw plugin contains password-stealing functionality for various applications (FTP, POP3, passwords from the Windows registry…).
It has a very sophisticated installation mechanism, which includes remote code injection into the default web browser and svchost.exe, and contains a payload which tries to exploit a vulnerability in the operating system (MS08-025). This executes code in the kernel which restores various system hooks used by security applications, thereby concealing the Trojan.
Together with backdoor functionality and HTML injection it is able to perform Man-in-the-Browser type attacks against the victims.
PRICE: $100