Kronos (malware) explained
Kronos was a type of banking Windows malware first reported in 2014. It was sold for $7,000.[1]
It was developed as a followup to the UPAS Kit which has been released in 2012.[2]
Similar to Zeus,[3] it was focused on stealing banking login credentials from browser sessions via a combination of keylogging and web injection.[4] In 2015, its attacks were focused on British banks.[1]
In August 2017, British security researcher Marcus Hutchins (aka 'MalwareTech'), previously notable for his involvement stopping the May 2017 WannaCry ransomware attack,[5] was arrested by the FBI whilst visiting the United States.[6] He was alleged to have created the software in 2014, and to have sold it in 2015 via the AlphaBay forums.[7] [8] Hutchins later admitted to being paid to work on Kronos and its predecessor UPAS Kit (named after the toxic Upas tree) as the main developer between 2011 and spring 2015.
Notes and References
- Web site: Kessem . Limor . UK Banks Hit With New Zeus Sphinx Variant and Renewed Kronos Banking Trojan Attacks . Security Intelligence . October 2, 2015 . November 8, 2018.
- Greenberg . Andy . 12 May 2020 . The Confessions of Marcus Hutchins, the Hacker Who Saved the Internet . Wired . 13 May 2020 .
- Web site: Overview of the Kronos banking malware rootkit . Lexsi Security Hub . September 24, 2014 . November 8, 2018.
- News: Constantin. Lucian. New banking malware 'Kronos' advertised on underground forums. 4 August 2017. 14 July 2014.
- Web site: Gibbs . Samuel . WannaCry hackers still trying to revive attack says accidental hero. The Guardian. 22 May 2017 . 22 May 2017.
- News: McGoogan. Cara. WannaCry hero Marcus Hutchins could face 40 years in US prison. 4 August 2017. 4 August 2017.
- Web site: Cox . Joseph . (independent journalist) . Kronos Indictment R . DocumentCloud . August 3, 2017 . November 8, 2018.
- News: Kerr. Orin. The Kronos indictment: Is it a crime to create and sell malware?. 4 August 2017. 3 August 2017.