ZeuS byproduct ‘Silent Night’ Zbot ‘not a game-changer’

silversurfer

Aug 17, 2014
The Silent Night Zbot, a new variant of the infamous banking trojan ZeuS that wreaked havoc in mid-2009, may be impressive in its design but it’s “not any game changer,” according to a deep-dive report from Malwarebytes and HYAS.

Calling Silent Night “yet another banking Trojan based on ZeuS,” the 186-page report praised the malware’s design for being consistent and clean. “The author’s experience shows throughout the code,” researchers said. “Yet, apart from the custom obfuscator, there is not much novelty in this product.”

Researchers compared the functionality of the malware and its Command-and-Control (C2) panel with other Zbots that have been popular in recent years, including the Terdot fork, among ZeuS’s many iterations that emerged since first being discovered in July 2007.

While the bot’s design uses the ZeuS code as a template, much work had been done on its modification and modernization. Conceptually, it is very close to Terdot, “yet rewritten with an improved, modular design,” according to the report. Silent Night’s initial sample is a downloader, fetching the core malicious module and injecting it into various running processes. [....]
 
