What is Kronos, the malware for which Marcus Hutchins, the young man who accidentally stopped the WannaCry virus, was arrested
The Briton Marcus Hutchins became an "accidental hero" in May of this year by successfully stopping the spread of the WannaCry virus, the largest global cyber attack in recent times.
However, he is now accused of having created another computer virus: a malicious program that has been stealing bank account details since at least 2014.
On Wednesday, the 23-year-old was arrested in the United States and faces six charges "for his role in creating and distributing the Kronos Trojan," linked to bank fraud, the Justice Department said.
US officials, who say they have been investigating for two years, say the computer analyst was making money from the virus on the AlphaBay dark web market, which was recently shut down by the Federal Bureau of Investigation (FBI).
They claim that, with the help of an anonymous accomplice, he sold the fraudulent program from his home in Devon, UK.
But how did Kronos work and what has it accomplished so far?
Bank scams for a high price
It is malware (a malicious program) that pretends to be a legitimate program in order to steal login credentials for bank accounts and other financial data, through fraudulent attachments and links.
What is a Trojan?
It is a form of malware (malicious program) that is disguised as benign and infects the computer.
Its strength is that it tricks victims into downloading and executing malicious code.
It usually works through fraudulent attachments or emails.
Its name, like that of many pieces of computer software, comes from mythology: the famous Trojan horse mentioned in Homer's Odyssey.
It stays hidden in an application until it attacks the computer.
It serves to steal user names and passwords and other sensitive data.
Kronos was first discovered in July 2014, when it was detected on a Russian cybercrime forum, where it sold for a staggering $7,000, a price that included free updates and bug fixes.
This high price caught the attention of many security researchers, as such viruses sell for hundreds, not thousands, of dollars.
In fact, they are sometimes offered for free or distributed through leaks.
According to the Kronos posting on the Russian underground site, the virus was designed to be "injected" into systems affected by the malicious Zeus software, one of the best-known banking trojans in history, first detected in 2007 (and later eliminated).
The creators of Kronos boasted in their ad that it could steal credentials from browsing sessions in Internet Explorer, Firefox and Chrome using what is known as "form grabbing", a more sophisticated alternative to spyware.
But the fact that it was compatible with Zeus's "web-injections" made it easier for hackers to steal personal information.
In October of 2015, IBM experts said the virus had been detected in attacks on websites of British and Indian banks.
In May 2016, cyber security firm Proofpoint reported that it had been used to target customers of Canadian financial institutions, and in November of that year the company stated that it was being distributed through thousands of emails.
Kronos's behavior, as explained on the technology site Alphr, is typical of a banking trojan, but it attacked users in various industries, from banks to universities and hospitals.
Campaigns were sent globally, but their focus was primarily on the United Kingdom and the United States.
Wow. I learn something new on here every day. Tough break for Marcus.