The announcement of a new version of Citadel has been recently spotted in a public forum.

The Citadel version adds several interesting features, like an anti-emulator, and a new encryption algorithm based on RC4.



[+] Added antiemulyator, which allows you to protect your botnet on the reversing and getting into trackers. When you start, build a detective that he was running in a virtual machine or a sandbox CWSandbox, VMware, Virtualbox, Sandbox, he starts to behave differently and your botnet go unnoticed. Details were not disclosed, tks announcement is in the Public and the technology is very tricky.


[+] Since the previous encryption algorithm has been hacked a few months later, because of this, some customers got into ZeusTracker. We have developed and implemented a new encryption algorithm based on modified RC4. In cryptography uses a special key known only to the client. that requires its presence for decryption. Because each client’s own indvidualny key, now from one client will not suffer all the rest. If you got one, others will be protected from this. Now we are completely isolated from the automatic analysis builds. As a result, we obtain the two-level authorization, protection from the boat trackers.


via Update to Citadel : v. | Malwares dont need Coffee.

Nessun commento.

Aggiungi il tuo commento