Crimeware-as-a-Service Threatens Banks | Article

From BankInfoSecurity

A new report from security firm Sophos raises alarms about the increasing sophistication of crimeware-as-a-service, an underground business model that pushes adaptable malware from a botnet, rather than simply infecting a single machine.

While Vawtrak’s crimeware-as-a-service model, better known as CaaS, has been around since about 2006, researchers say the crime rings that manage this type of service have perfected their techniques, affording them the ability to adapt their attacks for specific targets.

Don Jackson says PhishLabs’ Research Analysis and Intelligence Division recently observed a new version of Vawtrak that showed a dramatic acceleration in the development of the software that drives Vawtrak’s CaaS model, as well as an expanded targeting configuration, which has continually grown at the same pace since September 2014.