Bastard child of SpyEye/ZeuS merger appears online

The Register

 

interesting and scary article! in a couple of years the antiviruses are going to be obsolete. we should reconsider the security setup to face the new wave of the internet threats...

 

From the link that LoneWolf posted:

 

SpyEye 1.3, played with it a couple of days ago.

 

http://www.trusteer.com/blog/alleged-newmerged-spyeye-and-rapport

 

They should look to the underground forums or malware reviewing places. Spyeye with anti-Rapport module is readily available.

 

Have you tested it against SafeOnline, Spyshelter and Zemana anti-logger? They should protect against it.

 

No lol not usually with such tools unless there's some specific claim either side. I see what avs think of it through VT then look at it's make up, see what its doing and how.

 

I couldn't figure from the article, has Trend Micro actually tested that sample against Rapport? Or, all was mentioned is that this sample has "capabilities" of bypassing Rapport? Because, one thing is to have "capabilities", one other to actually do it.



My opinion is that, when some security vendor in possession of some sample mentions in their blog an article stating that the sample bypasses a security product from one other security vendor, some evidence should be provided, not just what the sample says it can do. Otherwise, they're just spreading FUD, IMO.

At least, that's how I see it.

 

http://www.trusteer.com/blog/alleged-newmerged-spyeye-and-rapport

Conclusion: A lot of noise for nothing

 

Thank you.

 

Unfortunately, the way I see it, the report from Seculert is nothing more than advertisement to their product(s).

Now, this is some serious work, IMO. Sure, only regarding ZeuS, but I wonder if others (security vendors, no? OK. lol) do pressure what would come out of this? After all, who wants a bad reputation and to be widely blocked? Bad for business, right?

-http://www.abuse.ch/?p=3130

I enjoy this person's work. It's lovable, IMHO.

 

Scary stuff, once physically infected. Thanks for posting.

 

The SpyEyetracker website, mentioned in the last JRViero linked article above, has interesting info. link
Numbers show 49 SpyEye C&C servers (with files) today, yesterday it was 48, tuesday was 46, last May only 20; spreading like wildfire...
Thanks for updating, JRViero.

 

it's not scary If it's a computer Code it can be reversed

and thanks god we Have some excelent experience here and there

so no worries

Once a sample Got caught sonner or Later a Fix will Be avalible

 

It is scary for online bankers who lost money, which is harder to fix.

 

Personally, I don't see the problem. At least for me in Sweden, if someone hacks my banking account and takes all my money, I get all money back from the bank anyway because it's considered a 'robbery'. Not sure what it's like in America though.

 

I dont expect antivirus programs to be obsolete in a few years.
I cant think of an alternative.
nothing provides 100% protection.

 

Antiviruses are already obsolete... they're just the easiest to set up.

 

That is why I use DefenseWall.

 

DefenseWall is great I just wish there were 64bit versions. 32bit is quickly becoming obsolete... and if I didn't feel like an argument I'd go so far as to say it already is.

 

I'll probably be on 32 bit for a while. I'm between jobs right now so I can't afford to buy a 64 bit version of Windows. I'm glad there are programs as good as DefenseWall for 32 bit.