How Not To Lose A Community’s Trust

Humbled Malware Author Leaks His Own Source Code to Regain Community’s Trust by Catalin Cimpanu.

From the post:

The author of the Nuclear Bot banking trojan has leaked the source code of his own malware in a desperate attempt to regain trust and credibility in underground cybercrime forums.

Nuclear Bot, also known as NukeBot and more recently as Micro Banking Trojan and TinyNuke, is a new banking trojan that appeared on the malware scene in December 2016, when its author, a malware coder known as Gosya, started advertising it on an underground malware forum.

According to Gosya's ad, this new banking trojan was available for rent and included several features, such as:

  • Formgrabber and Web-Injection modules (Firefox, Chrome, IE, and Opera)
  • A SOCKS proxy module
  • Remote EXE file launcher module
  • Hidden VNC module that worked on Windows versions between XP and 10
  • Rootkit for 32-bit and 64-bit architectures
  • UAC bypass
  • Windows Firewall bypass
  • IBM Trusteer firewall bypass
  • Bot-killer – a mini anti-virus meant to remove all competing malware from the infected machine

Subsequent analysis from both Arbor Networks and Sixgill confirmed the trojan's deadly features. In spite of these favorable reports, Gosya's Nuclear Bot saw little adoption among cybercrime gangs, as the malware's author miserably failed to gain their trust.

See Catalin’s post for the most impressive list of social fails I have seen in years. Seriously.

More importantly, for hacker and other forums, learn the local customs. Always.

Enjoy!

Comments are closed.