KRONOS Trojan, Known For Hacking Bank Accounts, Gets A New Update


In Greek Mythology, Kronos is known as the father of lightning God Zeus. However, in the real world, “KRONOS” named virus is infamous for hijacking online bank accounts, conducting identity theft and much more.

According to Securonix researchers, the $7,000 Banker Trojan, available on the Russian Underground forum, has received a new update. For those who don’t know, Kronos belongs to the family of other advanced level trojans like Zeus, Gozi, Citadel.

The new variant of Kronos, also knows as Osiris, was first discovered in July 2018; three distinct campaigns targeted for Germany, Japan, and Poland are already underway, the research says.

The new update includes features like TOR network command control, keylogging, and remote control via VNC along.

bank account hack

The primary infiltration vector used in the campaigns include phishing e-mails, specially crafted Microsoft Word documents/RTF attachments. It uses an exploit kit like RIG EK to distribute the virus.

Also, the infiltrated malicious documents exploit a known buffer overflow vulnerability in MS Office Equation Editor Component—CVE-2017-11882.

The malware uses Anti-VM or Anti-Sandbox like mechanisms to evade detection on any virtual environment. Also, the Osiris virus can modify the internet zones and lower the browser’s security inject malicious code into the websites.

The trojan can also copy itself to different PC locations along with several DLLs, executables for TOR, and image files. It can also create shortcuts in the startup folder as well.

Also Read: 10 Best Free Antivirus Software For 2018 To Protect Your PC
Charanjeet Singh

Charanjeet Singh

Charanjeet owns an iPhone but his love for Android customization lives on. If you ever ask him to choose between an iPhone, Pixel or Xiaomi; better if you don't.
More From Fossbytes

Latest On Fossbytes

Find your dream job