As profit remains the main driver of these threats, cybercriminals will continue to implement new features to increase profit and new countermeasures to protect their investment by keeping security researchers in the dark. So far, the following notorious crimeware underwent some noteworthy changes.
ZeuS. Though last updated around more than 2 years ago, ZeuS remains popular among cybecriminals due to its reliability. Because it was coded well, cybercriminals continue to earn money from this toolkit and evade law enforcement.
Spyeye. Initially deemed as ZeuS’ rival, SpyEye’s creator Gribodemon offered the toolkit as an alternative while providing support to existing ZeuS customers. Since its debut in 2009, it underwent several improvements until its creator disappeared sometime in 2010.
Citadel and Ice IX. Both are considered by-products of ZeuS, however each of these toolkits present certain improvements. Citadel contains more user-friendly control panel, while Ice IX is supposedly protected against trackers.
Blackhole exploit kits. Known to distribute malware by exploiting known software vulnerabilities, the stealthier version of Blackhole Exploit Kit was recently released. To avoid detection, its creator Paunch does not directly provide the kit, but instead installed in a web server somewhere that is connected to a database for logging and reporting.