The developers of the Citadel Trojan recently released version 18.104.22.168, "Rain Edition."
"The new variant costs more than its predecessor -- $3,391, up from $2,399 --but it also comes with some brand new features," writes Softpedia's Eduard Kovacs. "One of the most noteworthy new features is called 'Dynamic Config.' It allows botmasters to interact faster with their victims via browser injection technology. 'This nifty function allows Trojan operators to create web injections and use them on the fly, pushing them to selected bots without the hassle of pushing/downloading an entire new configuration file,' RSA’s Limor Kessem explained."
"Meantime, the Citadel creators also are offering more customer support with this version," writes Dark Reading's Kelly Jackson Higgins. "It allows up to five programmers per admin on the tool, which allows the bad guys to hire out help to infect machines."
"Citadel is built off of the Zeus Trojan source code, however it is closely guarded by its keepers," writes Threatpost's Michael Mimoso. "It is sold only on two Russian-speaking underground forums, and the authors are careful about who they sell to in order to keep support costs down and prevent infiltration by law enforcement. "https://o1.qnsr.com/log/p.gif?;n=203;c=204660766;s=9477;x=7936;f=201812281312070;u=j;z=TIMESTAMP;a=20392931;e=i
"Citadel, along with other banking trojans, usually infects users through spam or drive-by download campaigns launched by saboteurs," writes SC Magazine's Danielle Walker. "Banking malware often aims to steal account login credentials to transfer money to attackers, either in the background or by hijacking victims' computers."