Some blogs, stories, and white papers that covered SpyEye have been released but none of them really talked about the interface and how criminals may be using it.

The actual interface is broken down into two components. The first component is the front-end interface called “CN 1” or “Main Access Panel.” This interface is where the bot master can interact with the bots. It shows statistics in relation to infected machines.

The second interface is more like the back end and is called “SYN 1” or “Formgrabber Access Panel.” This interface actually collects and logs data. Moreover, it also allows the bot master to make queries against the collected data and to view the stolen data through the interface. In this post, the first one in a two-post series, we will first look at CN 1 and how it may be used.


via The SpyEye Interface, Part 1: CN 1 | Malware Blog | Trend Micro.

Nessun commento.

Aggiungi il tuo commento