Saturday, 16 April 2016

Citadel Trojan comes back as Atmos to continue ZeuS legacy

Some six months after its creator copped a prison sentence, the notorious Citadel malware has re-emerged in a modified form, dubbed Atmos. According to Heimdal Security, the new strain is currently targeting several French banks and has also been detected being delivered with Teslacrypt.

Citadel first surfaced in 2011, as cyber criminals used the leaked ZeuS code to come up with new and advanced malware strains which were able to inflict more damage and remain undetected for longer. 

It didn't take long for the banking Trojan to be distributed at a massive scale, with its creator Dimitry Belorossov facing conviction. "Citadel was not only capable of stealing money, but also personal data," said Heimdal security specialist Andra Zaharia. "The huge botnet behind it gave it the power to execute code on the enslaved computers, infecting them with malware from scareware to ransomware."

"The malicious actors behind Citadel then started to target public and private organizations, especially located in Europe, harvesting credentials to access internal applications and information management systems," added Zaharia, noting that, as Citadel was classed as being in the top 10 most dangerous financial malware threats, it was safe to assume that Atmos is a similarly powerful threat.

"Banking Trojans haven’t been as active as ransomware strains in the past half a year, but there’s nothing stopping them from making a comeback," said Zaharia. "And this is especially the case since users and companies tend to expose themselves to cyber attacks for lack of adequate patching."
