Kaspersky Lab Examines AlbaBotnet

According to Kaspersky Lab expert Jorge Mieres, cybercriminals are currently testing AlbaBotnet, which is specifically designed to launch targeted phishing attacks aimed at stealing information from online accounts at the Chilean banks BCI and Santander.

“According to the data we have processed, this campaign is part of a trial stage of this botnet: up to now there has been no monetization of AlbaBotnet,” Mieres writes. “We do know that the author of this threat began testing it in early 2012.”

“Mieres notes some similarity with the Mexican vOlk-Botnet, and PiceBOT,” Infosecurity reports. “All three use the same encryption system, ‘So it’s quite possible that the underlying crypto code is shared between them,’ he conjectures.”

“The botnet includes an automated malware builder and a component that’s designed to automatically send out emails,” writes Softpedia’s Eduard Kovacs. “These features allow cybercriminals to customize their infection campaigns. Kaspersky proactively detects AlbaBotnet as Trojan.Win32.VBKrypt.pitu.”

“While AlbaBotnet currently appears to be targeting only accounts of two Chilean banks, it’s likely that the malware could be easily modified to expand its list of targets to other financial institutions,” writes SecurityWeek’s Mike Lennon. “Overall, Mieres says they have noticed an increase in the number of ‘home-grown Latin American threats’ targeting users in the region.”

Jeff Goldman
Jeff Goldman
Jeff Goldman has been a technology journalist for more than 20 years and an eSecurity Planet contributor since 2009.

Top Products

Related articles