UPDATED 22:11 EDT / JULY 23 2018

INFRA

No honor among thieves: Exobot banking virus source code leaked online

The source code for the Exobot banking trojan virus has been leaked online, putting even more Android users at risk of being targeted by the software.

First offered for sale in 2016 on the darknet, a shady part of the internet reachable by special software, Exobot was originally offered by the developers as malware-as-a-service. Hackers could rent the software on a monthly basis, but that changed in January this year when those behind the code decided to sell the source code for it instead.

Fast forward six months later and one of those buyers has now leaked the source code. Bleeping Computer reported that it has since “rapidly spread in the malware community, worrying researchers that a new wave of malware campaigns may be in the works.”

Access to the Exobot script potentially allows other hackers to create variants for future campaigns. Exobot itself has been previously distributed via malicious apps. Once on an infected Android device steals banking credentials, it can then be used to siphon money from a victim’s account.

Chris Olson, chief executive officer of The Media Trust Co., told SiliconANGLE that leakage of the Exobot source code reflects cybercrime’s thriving, rapidly growing underground economy with low barriers to entry.

“Malware can be easily purchased from a few dollars to several hundred dollars by individuals with even little technical expertise,” Olson explained. “Larger, more organized rings often appropriate the latest developments in cybersecurity and digital media to orchestrate their attack campaigns, which are becoming increasingly sophisticated and complex.”

Olson noted that ransomware has recently fallen from favor while the use of cryptomining malware is rising. “But regardless of what the new cyberweapon of the month is, corporations will need to keep up with their criminal counterparts by taking a holistic approach to cybersecurity more broadly, and securing their digital assets more specifically,” he said. “This means paying ever more attention to internal threats, which can account for more than half of an organization’s threats and are harder to detect and prevent.”

Image: rbulmahn/Flickr

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU

Cookies

We employ the use of cookies. Find out more.