UPDATED 22:11 EDT / JULY 23 2018

No honor among thieves: Exobot banking virus source code leaked online

The source code for the Exobot banking trojan virus has been leaked online, putting even more Android users at risk of being targeted by the software.

First offered for sale in 2016 on the darknet, a shady part of the internet reachable by special software, Exobot was originally offered by the developers as malware-as-a-service. Hackers could rent the software on a monthly basis, but that changed in January this year when those behind the code decided to sell the source code for it instead.

Fast forward six months and one of those buyers has now leaked the source code. Bleeping Computer reported that it has since “rapidly spread in the malware community, worrying researchers that a new wave of malware campaigns may be in the works.”

Access to the Exobot source code potentially allows other hackers to create variants for future campaigns. Exobot itself has previously been distributed via malicious apps. Once on an infected Android device, it steals banking credentials, which can then be used to siphon money from a victim’s account.

Chris Olson, chief executive officer of The Media Trust Co., told SiliconANGLE that leakage of the Exobot source code reflects cybercrime’s thriving, rapidly growing underground economy with low barriers to entry.

“Malware can be easily purchased from a few dollars to several hundred dollars by individuals with even little technical expertise,” Olson explained. “Larger, more organized rings often appropriate the latest developments in cybersecurity and digital media to orchestrate their attack campaigns, which are becoming increasingly sophisticated and complex.”

Olson noted that ransomware has recently fallen from favor while the use of cryptomining malware is rising. “But regardless of what the new cyberweapon of the month is, corporations will need to keep up with their criminal counterparts by taking a holistic approach to cybersecurity more broadly, and securing their digital assets more specifically,” he said. “This means paying ever more attention to internal threats, which can account for more than half of an organization’s threats and are harder to detect and prevent.”
