The 'Kronos' banking malware being sold on underground forums
The "Kronos" Trojan is designed specifically to steal log-in credentials and important financial information from unsuspecting users. This particular malware is being offered for use by cybercriminals, as advertising is popping up on underground forums. The ad was found on a Russian cybercriminal hacker forum, it has been recently confirmed.
Kronos is able to exploit Microsoft Internet Explorer, Mozilla Firefox and Google Chrome, stealing credentials on bank websites by form-grabbing and an HTML content injection.
"The cybercriminal underground is a market," said Dmitry Tarakanov, Kaspersky Lab senior security researcher, in a statement to PC World. "Source code leakages and botnet shutdowns have been happening constantly but we see virus writers from time to time come up with new (or based on old but modified) banking malware. It proves that the market wants such tools."
It's possible to find cybercriminal forums where malware, attack techniques, and stolen personal data can be traded or sold - and groups looking for contractors can hire hackers to carry out cyberattacks - with law enforcement struggling to try to shut down these types of operations.