    Archive for November 30th, 2012

    In the past year, we’ve noticed many changes in how toolkits and exploit kits are being used. For starters, the bad guys are spending more time securing their creations, as well as the servers where their malware will be installed. They do this to prevent leaks, as well as to make things harder for security researchers.

    Here are some of the more well-known names, and what’s happened to them recently.


    ZeuS has technically always been purchased and installed in a relatively secure way. Many of its users tended to be more technically capable; its author (Monstr/Slavik) was also selective about whom he sold ZeuS to. ZeuS is secure, stable and able to manage thousands of bots. This is why it became famous in the underground, and why its use remains frequent to this day.

    Citadel, IceIX

    Citadel and IceIX are both malware toolkits that were created using the leaked ZeuS source code as a starting point. They took advantage of ZeuS’s popularity and leaked source code to create their own versions. Aquabox, the author and seller of Citadel, has made improvements to the original ZeuS source code and admin panel, making it attractive to other cybercriminals.

    Posted in Bad Sites | Comments Off on News from the Underground: Toolkit/Exploit Kit Developments


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice