
The story of Tilon malware and its common points with SpyEye

27/02/2014 10:54 by giorgos

When it was first discovered in 2012, Trusteer researchers said that Tilon was the "son" of a well-known malware called Silon. However, experts from Fox-IT say that Tilon should be called SpyEye2. (download PDF research)

Researchers believe that Tilon was created by a development team led by Russian Aleksandr Andreevich Panin (also known as "Gribodemon"). In October 2011, following the release of SpyEye 1.3.48, the team began working on a side project, a private Trojan platform for rent.


Trusteer researchers have reported that Tilon is based on Silon because of similarities in its loader component. However, Fox-IT reports that Tilon's functional components are actually based on SpyEye, which means the developers have access to SpyEye's source code.

"Looking at the SpyEye2 backend, a lot has changed. There is a single backend system that strongly resembles the original SpyEye RDP backconnect daemon, and it contains a lot of code from the SpyEye collector, but using HTTP this time around," said a Fox-IT expert.

"The server-side component is called "dae" (an abbreviation for daemon, a common name for a Unix service, which is also used by the RDP backconnect component of SpyEye), and it combines bot control, data logging, RDP and SOCKS functionality, and the management of its webinject structure on a single platform."

The fact that Tilon is actually SpyEye2 is also evidenced by the fact that after the capture of Panin, a significant decrease in its activity has been observed.

In fact, now that Panin has pleaded guilty, he will probably spend many years behind bars. It is worth noting that he pleaded guilty to conspiracy to commit online banking fraud, and admitted to being the main developer and distributor of SpyEye. However, this does not necessarily mean that the rest of his team will abandon the development of malware.

The story of Tilon malware and its common points with SpyEye was last modified: October 6, 2016, 12:45 pm by giorgos
