Slashdot Mirror


Zeus Variant 'Floki Bot' Targets PoS Data (onthewire.io)

Trailrunner7 quotes a report from On the Wire: Malware gangs, like sad wedding bands bands, love to play the hits. And one of the hits they keep running back over and over is the Zeus banking Trojan, which has been in use for many years in a number of different forms. Researchers have unearthed a new piece of malware called Floki Bot that is based on the venerable Zeus source code and is being used to infect point-of-sale systems, among other targets. Flashpoint conducted the analysis of Floki Bot with Cisco's Talos research team, and the two organizations said that the author behind the bot maintains a presence on a number of different underground forums, some of which are in Russian or other non-native languages for him. Kremez said that attackers sometimes will participate in foreign language forums as a way to expand their knowledge. Along with its PoS infection capability, Floki Bot also has a feature that allows it to use the Tor network to communicate. "During our analysis of Floki Bot, Talos identified modifications that had been made to the dropper mechanism present in the leaked Zeus source code in an attempt to make Floki Bot more difficult to detect. Talos also observed the introduction of new code that allows Floki Bot to make use of the Tor network. However, this functionality does not appear to be active for the time being," Cisco's Talos team said in its analysis.

25 comments

  1. Floki ha ha ha by Anonymous Coward · · Score: 0

    "Piece of Shit" data, ha ha ha

    1. Re:Floki ha ha ha by OneHundredAndTen · · Score: 1

      They meant Microsoft software.

  2. It's all in the name. by dcw3 · · Score: 1

    Someone's been watching too much TV...
    http://vikings.wikia.com/wiki/...

    --
    Just another day in Paradise
  3. Are we sure this is Russian? by Anonymous Coward · · Score: -1

    I suspect that this wasn't done by Russians. It's probably created by towelheads to cause trouble and steal money for their evil terror acts. If we want to stop criminals acts like this, we need to get rid of towelheads. Also, if niiggers were capable of creating malware, they would carry out theft with malware like this. Thankfully, niiggers aren't smart enough to do this. And, let's be honest, kikes would use this to steal money from unsuspecting people if they weren't too busy stealing money through other ways. Wetbacks are also known for their theft. And the chinks are constantly attempting to infiltrate western countries. We need to rid ourselves of niiggers, towelheads, chinks, wetbacks, kikes, and all other types of darkies. I hate their misdeeds and I hate them thoroughly. My hate is strong and I'm damned proud of it. In fact, my hate is getting stronger as I talk to you people. I'm not racist, however. And there's nothing racist about my post. Despite my complete lack of racism, you lunatics will call me a racist to try to discredit me. It's a common tactic to try to discredit a person or their statements when you can't actually argue against what they say. The fact is, all darkies actually really threats to security. Get rid of all the darkies and these problems will go away. No more towelheads, niiggers, kikes, wetbacks, and chinks!

    1. Re: Are we sure this is Russian? by Anonymous Coward · · Score: 0

      THAT'S RACIST!!!!

    2. Re: Are we sure this is Russian? by Anonymous Coward · · Score: -1

      There's nothing racist about my post. And I'm definitely not racist. I'm just telling the truth that you don't want to hear. It's a fact that niiggers, towelheads, wetbacks, chinks, kikes, and all other types of darkies are actively trying to undermine our society and our security. While niiggers and wetbacks are utterly incapable of malware, they would engage in such illicit activity if they had the ability. Certainly kikes, towelheads, and chinks are willing and able to attack us with malware. Let's tell the truth, that darkies are constantly engaged in criminal activity to harm us for their benefit. If you call it racism, you're simply unwilling to face facts.

    3. Re: Are we sure this is Russian? by Anonymous Coward · · Score: 0

      RACIST!

    4. Re: Are we sure this is Russian? by Anonymous Coward · · Score: 0

      As I said, the only criticism you people have is to call me a racist. However, I still haven't said anything that's racist. I'm obviously not a racist. Everything I've said is based on established facts. It's a fact that niiggers are committing massive amounts of violent crimes arena overcrowding our prisons. It's a fact that wetbacks are crossing our southern border in record numbers, smuggling drugs and weapons while they enter illegally. Towelheads are responsible for nearly all terror attacks committed. Chinks are constantly attempting to breach our security and steal our secrets. Kikes are positioning themselves in places of authority so they can steal our money for their profits. It's a proven fact that darkies are constantly working against us to undermine our society. That alone makes them the likely culprits behind malate infiltrating point of sale systems. This isn't racist. It's a well-supported hypothesis built on top of facts. I'm bringing facts to the discussion while all you're capable of doing is attempting to discredit me by falsely labeling me a racist.

    5. Re: Are we sure this is Russian? by Anonymous Coward · · Score: 0

      FUCKING RACIST.

    6. Re: Are we sure this is Russian? by Anonymous Coward · · Score: 0

      I see the trolls are now responding to themselves in a production of "retard theatre"

    7. Re: Are we sure this is Russian? by stealth_finger · · Score: 1

      Why the double i?

      --
      Wanna buy a shirt?
      https://www.redbubble.com/people/stealthfinger/shop?asc=u
    8. Re: Are we sure this is Russian? by JustAnotherOldGuy · · Score: 1

      all you're capable of doing is attempting to discredit me by falsely labeling me a racist.

      You're not a racist, you're an asshole. And if you ever dragged your goober ass through my neighborhood you'd be reclassified as a "target".

      --
      Just cruising through this digital world at 33 1/3 rpm...
    9. Re: Are we sure this is Russian? by Hognoxious · · Score: 1

      What double i?

      --
      Confucius say, "Find worm in apple - bad. Find half a worm - worse."
    10. Re: Are we sure this is Russian? by Anonymous Coward · · Score: 0

      You're a privileged, white, male, misogynist racist homophone.

    11. Re: Are we sure this is Russian? by stealth_finger · · Score: 1

      Thankfully, niiggers aren't smart enough to do this

      We need to rid ourselves of niiggers,

      No more towelheads, niiggers, kikes, wetbacks, and chinks!

      It's a fact that niiggers,

      While niiggers

      It's a fact that niiggers

      Those ones, at least Mr "Not a racist" here is consistent.

      --
      Wanna buy a shirt?
      https://www.redbubble.com/people/stealthfinger/shop?asc=u
    12. Re: Are we sure this is Russian? by Hognoxious · · Score: 1

      I think there's a problem with your browser. Are you running Windows? If so, reinstall your OS.

      --
      Confucius say, "Find worm in apple - bad. Find half a worm - worse."
    13. Re: Are we sure this is Russian? by stealth_finger · · Score: 1

      II'm not reiinstalliing anythiing.

      --
      Wanna buy a shirt?
      https://www.redbubble.com/people/stealthfinger/shop?asc=u
  4. the lights are coming up everywhere now by Anonymous Coward · · Score: 0

    sing along https://www.youtube.com/watch?v=H-kA3UtBj4M .. if we can do it almost anyone can

  5. Thank God it doesn't target valuable data. by Anonymous Coward · · Score: 1, Funny

    Only Piece of Shit data.

  6. Slavs and Mongols by Anonymous Coward · · Score: -1

    F Russia. F China.

    We should have nuked both of them. Stealing and lying is all they excel at.

  7. did you know by Anonymous Coward · · Score: 0

    Trump and Putin are bum chums (that's butt buddies to you wankey yankees)

  8. Yo dawg by Hognoxious · · Score: 1

    sad wedding bands bands

    Nice one, manishs.

    --
    Confucius say, "Find worm in apple - bad. Find half a worm - worse."
  9. Zeus Variant only targets Microsoft Windows by khz6955 · · Score: 2

    'Zeus, ZeuS, or Zbot is a Trojan horse malware package that runs on versions of Microsoft Windows'

  10. Zeus Variant and Malware gangs by khz6955 · · Score: 1

    Don't you mean Microsoft Windows and Zeus Variant and Malware gangs

  11. If it uses same C&C infrastructure as Zeus? by Anonymous Coward · · Score: 0

    See subject: Not just source code, then this info. here stops it https://zeustracker.abuse.ch/monitor.php?filter=lastupdated/ by letting you BLOCK them out from your system (via hosts or firewalls). ... & for more protection vs. botnets/threats online use the best hosts file creator APK Hosts File Engine 9.0++ SR-4 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/ as MOST malware & maliciously coded sites, botnets, + ads that bear infection use host-domain names over IP address, by far!

    * Works for all that by doing more for less with what you already natively have!

    APK

    P.S.=> Via hosts files a native part of your kernelmode IP stack vs. slower usermode so-called 'solutions' that are illogical "Bolted on 'MoAr'" that slow you down & are either full of bugs (DNS & antivirus) or 'souled-out' to advertisers (addons)... apk