AhnLab Issues Comprehensive Analysis of Citadel Malware

AhnLab Issues Comprehensive Analysis of Citadel Malware 
New ReportCollects Comprehensive Information From Infected PCs That
Includes Banking/Network Credentials 
SEOUL, SOUTH KOREA and SAN FRANCISCO, CA -- (Marketwire) -- 11/26/12
--  AhnLab, Inc. (http://global.ahnlab.com), a leading provider of
integrated security solutions today announced the release of a
comprehensive and complete analysis of Citadel malware, the latest
generation of bank information-stealing malware that can affect
business and personal online banking transactions alike.  
In 2012, Citadel has emerged as the most dominating malware with
enhanced malicious functions. The most famous banking-targeted
malware before Citadel was Zeus and SpyEye Trojan.  
According to AhnLab, Citadel has many things in common with Zeus. It
creates and manages the botnet, a collection of Internet-connected
computers that are infected with malware. It is designed to collect
personal information from infected PCs including online banking
information, Web browser credential and SNS account data. The malware
also delivers ransomware and scareware from attacker in attempts to
extort money directly from victims.  
In terms of information theft, Citadel's abilities easily surpass
those of Zeus. Both types of malware collect and leak basic
information of infected PC, including OS information, Web browser
usage, system time, and user admin name before they steal banking
credentials. Citadel leaks more comprehensive information about the
infected PC including domain information of local network, the list
of database servers, network configuration information and homepage
setting information. With this data acquired, the attacker can design
more targeted threats.  
Citadel is provided in a Software-as-a-Service (SaaS) model, and it
has its own store so this malware can be managed the malware from
creation to maintenance. The store offers the Citadel builder,
botnets paying in monthly basis, update service, a test to avoiding
Anti-Virus software and many other features. Citadel's model is
indicative of the recent trend in the cybercrime ecosystem. 
To get a copy of this report, go to www.ahnlab.com or send email to
AhnLab's AOS provides integrated and multi-layered transaction
security against comprehensive security threats. With four primary
components including AOS Secure Browser, a dedicated security browser
that creates a protected environment for online transactions, AOS
Anti-keylogger, AOS Firewall and antivirus, AhnLab's AOS prevents
confidential data loss through this kind of advanced and targeted
attack from sophisticated malware such as Zeus, SpyEye and Citadel.
After the full analysis of Citadel malware, AhnLab continues to
research possible Citadel variants.  
AhnLab's AOS is used by the several world's most famous banks
including Citibank Korea, Banamex, Banco Santander in Mexico, and
Cornerstone Community Bank in US. 
About AhnLab 
Headquartered in South Korea and with US HQ in San Francisco, AhnLab
Inc. (KRX: 053800) develops industry-leading security solutions and
provides professional services that are designed to secure and
protect critical business and personal information. As a leading
innovator in the information security arena for more than 20 years,
AhnLab' s cutting edge products and services fulfilling the stringent
security requirements of both enterprises and individual users.  
AhnLab' s products and services include anti-virus solutions,
network, mobile and online game security, security management and
consulting services. Today, AhnLab boasts a network of sales and
research operations in more than 20 countries worldwide. 
For more information on AhnLab, go to www.ahnlab.com or +1-866
Media Contact:
Dan Chmielewski
Madison Alexander PR
M: +1-949-231-2965
Press spacebar to pause and continue. Press esc to stop.