RSA researchers recently came across a new commercially-available Trojan called Beta Bot.
The malware appears to have evolved over time, and has been repurposed for financial fraud targeting banks, e-commerce sites and Bitcoin wallets.
“Beta Bot sports a data grabbing feature (by capturing HTTP POST requests), as well as a rather uncommon social engineering component that takes over the Windows user interface prompts, allowing it to interact with the end-user, escalate its own processes’ privileges, and make the infected PC its new home for the long run,” writes RSA cybercrime and online fraud communications specialist Limor S. Kessem.
The malware includes anti-virus disabling features, the ability to download files from the Internet as needed, and worm-like spreading capabilities via Skype or via USB devices. It’s also capable of killing competing malware communications, and possesses DDoS capabilities, according to RSA.
Kessem reports that the malware is being sold online by developer “betamonkey” for between $320 and $500 per build.