Malware Author Contacts Security Vendor to Correct His Trojan's Description

Exterminator

Level 85
Thread author
Verified
Top Poster
Well-known
Oct 23, 2012
12,527
The author of the Bilal Bot Android banking trojan has reached out to IBM's X-Force security team and demanded they issue corrections for how they've described his malware.

This all started after IBM released a report at the end of April about the top Android banking trojans sold on criminal underground hacking forums, after the developer of GM Bot, one of the most dangerous and versatile mobile banking trojans, was banned from several forums.

One of the rising threats, as highlighted by IBM in its report, was an Android banking trojan named Bilal Bot, which the company's analyst named a low-cost alternative to GM Bot.
Sorry IBM!
We at Softpedia ran an article based on the IBM X-Force report on our Security News section.

Lo and behold, about ten days after we ran our story, we received an email from Bilal Bot's author, claiming we were spreading the wrong information. Your reporter answered the sender and explained that Softpedia, as an authorized news agency had simply reported on IBM's findings, and he should contact IBM to have the report corrected.

Of course, this was our way of dismissing this "supposed" malware author and move on to more important things. We never expected that he'd be so foolish, as a de-factor criminal, to contact IBM, a cyber-security company, based on whose reports law enforcement put people like him behind bars. But, he did, according to a recounting of events from IBM's Limor Kessem, published today.

The IBM report was giving his malware a bad rep
Bilal Bot's (supposed) author wanted IBM to amend its original blog post and have them include the most recent information.

"If I had to guess, I would say what bothered Bilal Bot’s vendor the most is that my original blog post called his malware a 'low-cost option' compared to GM Bot," Kessem noted today. "It is very possible that the price has gone up since the malware moved forward from the beta version, and the developer does not want potential buyers to demand the lower price they may have read about somewhere else."

According to a subsequent investigation by IBM researchers following the email received from Bilal Bot's creator, the banking trojan did receive new features and was sporting a higher price, which sustains Kessem's theory that the malware coder just wanted to move up to a higher price range.
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
I'm not sure if there will be a clever result for that, however crime is crime and revealing your identity even only a screen name can be huge lead already to authorities.
 
  • Like
Reactions: DardiM

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top