silversurfer
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
- Aug 17, 2014
- 10,176
In their effort to hide the command and control (C2) server addresses, operators of a banking trojan placed them in fake websites and in descriptions for YouTube videos.
The name of the malware is Casbaneiro and its wide distribution is possible through ReLoader, an illegal activation tool to create pirated versions of the Windows operating system and Microsoft's Office suite.
Some variants of ReLoader download and install the banking trojan first and only then run their intended course.
Windows Activator Bundles Banker with C2 in YouTube Description
In their effort to hide the command and control (C2) server addresses, operators of a banking trojan placed them in fake websites and in descriptions for YouTube videos.
www.bleepingcomputer.com