Carberp is one of the notorious Banking trojan which is designed to steal online banking login details and other financial information from users.
The source code for the Carberp has reportedly been leaked. A password-protected archive file containing the source code appeared to be published online few days ago.
However, at the time, researchers are not able to confirm whether the leak is genuine or not. Today, researchers confirmed the leak after the password was posted in one of the underground forum.
CSIS reports that they have downloaded a package that include "Carberp bootkit along with other source codes for what seems to be e.g. Stone bootkit, Citadel, Ursnif etc."
The source code for the Carberp has reportedly been leaked. A password-protected archive file containing the source code appeared to be published online few days ago.
However, at the time, researchers are not able to confirm whether the leak is genuine or not. Today, researchers confirmed the leak after the password was posted in one of the underground forum.
Image Credits: Touch My Malware |
CSIS reports that they have downloaded a package that include "Carberp bootkit along with other source codes for what seems to be e.g. Stone bootkit, Citadel, Ursnif etc."
"By this leaks, malware will change drastically, we can expect a new merge lmalicious function, more sophisticate botnet, and unpredicted or unexpected vector of attack coming after this, like new variant of APT adopting these codes, or cred.stealer from Asia, or else.." MalwareMustDie Team told EHN.