Kronos (malware)

Kronos was a type of banking malware first reported in 2014. It was sold for $7,000.[1]

It was developed as a followup to the UPAS Kit which has been released in 2012.[2]

Similar to Zeus[3] it was focused on stealing banking login credentials from browser sessions via a combination of keylogging and web injection.[4] In 2015, its attacks were focused on British banks.[1][2]

In August 2017, British security researcher Marcus Hutchins (aka 'MalwareTech'), previously notable for his involvement stopping the May 2017 WannaCry ransomware attack,[5] was arrested by the FBI whilst visiting the United States.[6] He was alleged to have created the software in 2014, and to have sold it in 2015 via the AlphaBay forums.[7][8] Hutchins later admitted to being paid to work on Kronos and its predecessor UPAS Kit as the main developer between 2011 and spring 2015.[2]

References

Kessem, Limor (October 2, 2015). "UK Banks Hit With New Zeus Sphinx Variant and Renewed Kronos Banking Trojan Attacks". Security Intelligence. Retrieved November 8, 2018.
Greenberg, Andy (12 May 2020). "The Confessions of Marcus Hutchins, the Hacker Who Saved the Internet". Wired. Retrieved 13 May 2020.
"Overview of the Kronos banking malware rootkit". Lexsi Security Hub. September 24, 2014. Retrieved November 8, 2018.
Constantin, Lucian (14 July 2014). "New banking malware 'Kronos' advertised on underground forums". Retrieved 4 August 2017.
Gibbs, Samuel (22 May 2017). "WannaCry hackers still trying to revive attack says accidental hero". The Guardian. Retrieved 22 May 2017.
McGoogan, Cara (4 August 2017). "WannaCry hero Marcus Hutchins could face 40 years in US prison". Retrieved 4 August 2017.
Cox, Joseph (August 3, 2017). "Kronos Indictment R". DocumentCloud. (independent journalist). Retrieved November 8, 2018.
Kerr, Orin (3 August 2017). "The Kronos indictment: Is it a crime to create and sell malware?". Retrieved 4 August 2017.

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.

[secin-1] Kessem, Limor (October 2, 2015). "UK Banks Hit With New Zeus Sphinx Variant and Renewed Kronos Banking Trojan Attacks". Security Intelligence. Retrieved November 8, 2018.

[Greenberg-2] Greenberg, Andy (12 May 2020). "The Confessions of Marcus Hutchins, the Hacker Who Saved the Internet". Wired. Retrieved 13 May 2020.

[3] "Overview of the Kronos banking malware rootkit". Lexsi Security Hub. September 24, 2014. Retrieved November 8, 2018.

[4] Constantin, Lucian (14 July 2014). "New banking malware 'Kronos' advertised on underground forums". Retrieved 4 August 2017.

[5] Gibbs, Samuel (22 May 2017). "WannaCry hackers still trying to revive attack says accidental hero". The Guardian. Retrieved 22 May 2017.

[6] McGoogan, Cara (4 August 2017). "WannaCry hero Marcus Hutchins could face 40 years in US prison". Retrieved 4 August 2017.

[7] Cox, Joseph (August 3, 2017). "Kronos Indictment R". DocumentCloud. (independent journalist). Retrieved November 8, 2018.

[8] Kerr, Orin (3 August 2017). "The Kronos indictment: Is it a crime to create and sell malware?". Retrieved 4 August 2017.