ZeuS-KINS: a new malware makes victims among Internet users


Rus Anca

Jun 18, 2014

Many users are victims of a malicious botnet called Kinsale. The affected entities include individuals as well as public and private organizations in various fields.

The actual number of systems affected is likely to be significantly greater if we consider that a public IP address can usually be the Internet-facing interface for the whole infrastructure of an organization's information systems.

Description
According to information obtained by CERT-RO so far, the campaign is based on a malware known as Kinsale, a Trojan aimed at stealing confidential information, especially credentials for accessing financial services (banking trojan) and non-financial ones. Another name used by cyber security experts for this malware is Zeus Kinsale, since it was found to use much of the source code of the well-known ZeuS trojan family.

Similarities with Zeus and SpyEye can be observed, including:
architecture like Zeus / SpyEye: a master file and DLL-based plugins;
compatible with the Zeus website injection utility;
contains the Anti-Rapport plugin that is used by SpyEye;
works with RDP (Remote Desktop Protocol), like SpyEye;
does not require advanced technical knowledge to use.

Currently, Kinsale is spread through exploit packages (exploit kits) and "Neutrino" or "Kinsale Toolkit", and uses the most sophisticated packing techniques.

Impact
The attackers have full access to systems infected with this malware and monitor the applications and services accessed by users in order to gain access credentials and other confidential information.
It is now known that the Kinsale malware can easily infect systems running Windows 8 and other x64 operating systems and ensures its persistence on infected systems at the VBR (Volume Boot Record).

Detection and disinfection
For the detection and disinfection of systems infected with ZeuS-KINS, we recommend using a special tool designed for this purpose, provided by Bitdefender, in 2 versions:

1) Centralized scanning and disinfection of systems in a network: ftp://ccanz00-read:YA%5Euf%2EHs%5Bp27@horizon.bitdefender.ro/2014-05-06/BitdefenderNetworkRemovalToolZeusKins.exe

2) Scanning and disinfection of individual (standalone) computer systems: http://download.bitdefender.com/am/malware_removal/BitdefenderRemovalZeusKins.exe
 