New Spy Eye 'Toolkit' Kills Trojan, Then Steals Bank Info

Dennis Faas's picture

A new Trojan horse has surfaced online; its primary functionality makes it appear to be friendly to end users, but the final result can prove disastrous.

On one hand, the Spy Eye toolkit is celebrated for its ability to remove malicious rival programs from infected computers. It boasts a feature called "Kill Zeus" which removes all traces of the notorious Zeus virus from a victim's PC.

Of course, the Trojan horse has ulterior motives in playing the hero. It "Kills" the Zeus Trojan so that the computer is once again susceptible to attack, meaning that Spy Eye has exclusive access to usernames and passwords.

Botnet Problems on the Rise

Zeus and Spy Eye are both designed to give hackers a simple way to establish their own botnet network of password-stealing programs. Botnet problems escalated in 2009, with the U.S. Federal Bureau of Investigation estimating that they have caused $100 million in overall losses. (Source: yahoo.com)

Malicious programs like Spy Eye and Zeus are designed to steal bank information, which is then used to empty all known accounts. With Zeus out of the picture, Spy Eye can collect a much larger, uncontested dollar amount.

According to Symantec Senior Research Manager Ben Greenbaum, Spy Eye surfaced in Russian cybercrime forums this past December. However, the "Kill Zeus" option makes Spy Eye one of the most aggressive forms of crimeware around. The software can also steal data as it is transferred back to a Zeus command-and-control server.

Spy Eye Sparks Online Turf War

While hackers deploying the programs of other hackers might seem unique, "turf wars" appear to be nothing new to cybercrime. Two years ago the malicious program Storm Worm began attacking servers controlled by a rival known as Srizbi. A few years before that, the authors of the Netsky worm programmed their software to remove rival programs Bagle and MyDoom. (Source: idg.no)

On the black market, Spy Eye is selling at about $500. This is about one-fifth the price of premium versions of Zeus. For hackers, the large (yet immoral) payday that will likely result from owning one of these malicious programs is incentive enough to fork over the initial payment.

Rate this article: 
No votes yet