Last weekend we have seen some heat around a post published by IBM regarding the discovery of a new banking trojan. In the article, they stated that, recently, Trusteer researchers had discovered a new malware sample whose behaviour resembled those of Zeus and Carberp. As this sounded quite strange, we reviewed all the info available and, for us, there is no evidence to support that we are facing a new banking trojan but just a variant of the Kins trojan sight by S21sec a while ago.
Related to this, during 2014, S21sec has seen the following activity regarding banking trojans:
As you can see, en 2014 Kins has dethroned Citadel which held the crown since 2013. As this seems to be the norm on the trojan battlefield we are pretty confident that we will see new banking trojans in the future but, right now, there are not enought data to make any guesses. Of course, it is needless to say that we will keep you informed whenever we had any interesting info on the topic.
While analyzing the latest version of Citadel (126.96.36.199) we were able to observe two changes that try to make malware analysts' life harder. These changes also had been announced on a particular underground forum before they appeared in the wild.[+]…