The Italian Honey Project

RSA Conference 2010 — Russian hackers have written a more sophisticated version of the infamous BlackEnergy Trojan associated with the 2008 cyberattacks against Georgia that now targets Russian and Ukrainian online banking customers.

. “The rules have changed,” Stewart says. “There was once an unwritten rule that they didn’t attack their own banks.”

But like most cybercrime operations, money is money, and the BlackEnergy botnet gang appears to be expanding its operations for more profit.

While the Zeus Trojan remains the most popular Trojan, Stewart says BlackEnergy 2 can do things Zeus cannot, such as stealing online credentials plus DDoS-ing. BlackEnergy 2 also steals the user’s private encryption key. Stewart has written an analysis of the Trojan, available here.

via New BlackEnergy Trojan Targeting Russian, Ukrainian Banks – DarkReading.