Once upon a time a trojan...
Luis Corrons Panda
This is the story about how what seemed to be 'just another trojan' evolved into one of the biggest crimeware cases we
have ever seen.
We discovered it on 30 January when we were doing some tests in our Banking Trojans Alert Service. It was targeting
different banking companies, mainly from the US and UK. In the following days, several variations of the same trojan
appeared. From then on, we managed to find out who was behind these attacks.
First, we noticed different hackers using the same tool to steal data, but that was just the tip of the iceberg: we
realized how they were using the infected computers not only to steal that information, but also to offer some 'value
added services', such as sending spam and trojans, DDoS attacks, renting anonymous proxies to send spam, as well as
different software tools to make hackers' lives easier (to crypt and pack files, to check valid FTP accounts, and
scripts in Perl and PHP to send spam).
Secondly, we unmasked the author of the trojan that was for sale in different Russian forums. Not only was the trojan
for sale, but also credit cards, passports, databases, etc.
del.icio.us 
digg this
