Would you buy a virus for $7000? Probably not, but what if you knew it could hack bank accounts? I guess you picked your answer.
That is exactly what the Kronos Virus does. The name “Kronos” should sound familiar to lovers of Greek mythology because Kronos is the father of Zeus(the god of lightning). The virus is classified to other advanced level trojans such as Zeus, Citadel, Gozi.
Kronos is the virus capable of reconnecting with infected bots, hacking into bank accounts, conducting online theft and stealing banking login details from browser sessions. The virus was first discovered in 2014 and according to Securonix researchers it has received a new update and now available on the underground Russian Forum at $7000.
With the new update, Kronos is now dubbed as Osiris and campaigns for three distinct regions Germany, Japan and Poland are already underway according to recent research.
The campaign includes phishing e-mails crafted from MS-Word documents, RTF attachments as primary infiltration sites. These infiltrated documents exploit an MS Office equation overflow vulnerability – CVE_2017-11882.
Kronos has, with the new update, features like keylogging, TOR Network, remote control and command control via VNC along. The virus also uses advanced techniques like Anti-VM and Anti-Sandbox to escape detection in a virtual environment. If you think that is scary wait till you hear this, the virus can modify internet zones and lower browser’s security to load malicious codes into the websites.
It can create shortcuts in the startup folders and replicates itself to different PC location along with DLLs, images. executables for TOR.
In August 2017, Marcus Hutchins the British security researcher who was involved in stopping May 2017 Wanna cry ransomware attack was alleged to have created the software in 2014. He was, however, arrested by FBI while visiting the USA.
We would not advise anyone to purchase as the virus is very damaging in the very first instance and for the obvious reason, it is illegal.