Search This Blog

Thursday, October 23, 2014

The Evolution of Webinject

Last month, we presented “The Evolution of Webinject” in Seattle at the 24th Virus Bulletin conference. This blog post will go over its key findings and provide links to the various material that has been released in the last few weeks. Here you can read the paper, conference slides and therecording of presentation.
I have been studying banking trojans for several years now and have looked at many, many different webinjects. After a while, we started to see common patterns in different Webinjects used across different banking Trojans. We saw code and administration panels being reused as well as sellers becoming popular in underground forums. This brought the following question: is there a ubiquitous webinject kit that everyone was using? This paper tries to answer this question.


The Evolution of Webinject

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.