Before the WannaCry outbreak, malicious code such as Zbot, SpyEye, Ice IX and Citadel was the most dangerous ransomware, spreading across many machines around the world.
Before the advent of WannaCry, malware "families" such as Zeus, Zeus Gameover, SpyEye … had the potential to create botnets, infected computers worldwide at a high rate, and were considered the most dangerous ransomware.
Zeus, also known as Zbot, is a dangerous trojan that infects Windows users. It tries to retrieve confidential information from the infected computer. Once installed, it also tries to download its configuration file and updates from the Internet.
Moreover, Zeus files are created and customized with a trojan construction kit that is available online to cyber criminals. Zeus spread its malicious code to more than 74,000 bank accounts of organisations such as Bank of America, NASA, Monster.com, ABC, Oracle …
Zeus Gameover (P2P)
Zeus Gameover is a variant of the Zeus family. This ransomware is built on a peer-to-peer botnet infrastructure. It does not need a central Command and Control server, because the peers (the infected computers) in the botnet can each act as a Command and Control server independently.
In addition, the peers can download commands or configuration files and then send the stolen data to the malicious server. Zeus Gameover infected about one million computers around the world.
SpyEye is data-stealing malware (similar to Zeus). It was created to steal money from online bank accounts. SpyEye can steal bank account information, social security numbers and other financial information that can be used to access your bank account.
Ice IX (Zeus)
Ice IX is a modified version of Zeus, the notorious banking trojan and one of the most dangerous pieces of malicious code today. Cyber criminals use it to steal personal and financial information, such as usernames and passwords for email or online banking accounts.
Citadel appeared after the infamous leak of the Zeus source code in 2011. With the source open, Citadel was reviewed and improved by cyber criminals to attack different software.
Carberp is also a trojan designed to help criminals steal personal information from online banking platforms accessed on the infected computer. Its behavior is similar to that of other financial malware in the Zeus family.
However, it is able to stealthily get past anti-malware applications. Carberp can steal sensitive data from the infected machine and download new data from the Command and Control server.
Bugat is a trojan with capabilities similar to Zeus, used by cyber criminals to steal financial information. Bugat can communicate with the Command and Control servers and receive an updated list of the financial websites it targets to steal information. The collected information is then sent to the criminals' remote server.
Shylock is banking malware designed to obtain the user's banking credentials for malicious purposes. Immediately after installation, Shylock communicates with the remote Command and Control servers controlled by the criminal network, sending and receiving data to and from the infected computer.
Torpig is a sophisticated malicious program designed to collect sensitive information, such as bank account and credit card information, from the victim.
The Torpig botnet, which is under the control of online criminals, is the main means of sending spam or stealing personal information or online bank account details. Torpig also uses a domain generation algorithm (DGA) to generate a list of domain names and locate the Command and Control servers used by the attackers.
This malicious software encrypts data and displays a message that the data can be decrypted if the ransom is paid within a limited period of time. Although CryptoLocker can be removed by various security solutions, there is no way to decrypt the locked files.