During a recent investigation into a server hosting SpyEye, we noticed that there were several open directories that led to other control panels. SpyEye was also the same malware family that recently targeted Polish users. One of the control panels is for URLZone/Bebloh. The other control panel, on the other hand, did not have any name or version so we named it after the server, “Spencerlor.” The investigation led to the discovery of what seems to be three botnets running on one server, which appears to be operated by at least two remote users, as the logs revealed.


These screenshots clearly show the constant improvements that bot control panels undergo. As shown here, cybercriminals are finding newer means to automate money transfer.

via One Server, Multiple Botnets | Malware Blog | Trend Micro.

Nessun commento.

Aggiungi il tuo commento