RSA Warns of New Beta Bot Trojan

RSA researchers recently came across a new commercially-available Trojan called Beta Bot.

The malware appears to have evolved over time, and has been repurposed for financial fraud targeting banks, e-commerce sites and Bitcoin wallets.

“Beta Bot sports a data grabbing feature (by capturing HTTP POST requests), as well as a rather uncommon social engineering component that takes over the Windows user interface prompts, allowing it to interact with the end-user, escalate its own processes’ privileges, and make the infected PC its new home for the long run,” writes RSA cybercrime and online fraud communications specialist Limor S. Kessem.

The malware includes anti-virus disabling features, the ability to download files from the Internet as needed, and worm-like spreading capabilities via Skype or via USB devices. It’s also capable of killing competing malware communications, and possesses DDoS capabilities, according to RSA.

Kessem reports that the malware is being sold online by developer “betamonkey” for between $320 and $500 per build.

Jeff Goldman
Jeff Goldman
Jeff Goldman has been a technology journalist for more than 20 years and an eSecurity Planet contributor since 2009.

Top Products

Related articles