Idappcom blames hacktivists for SpyEye DDoS enhancements

London, (PresseBox) - The blame for a DDoS - distributed denial of service - enhancement being added on the infamous SpyEye ebanking malware has been laid at the feet of the WikiLeaks hacktivists by Idappcom.

According to the data traffic analysis and security specialist, it was almost certainly the development - and propagation - of the LOIC DDoS utility by supporters of the Anonymous hacktivist group) that spurred cybercriminals into adding the 'feature' to SpyEye.

"What we have been witnessing in the black hat hackersphere these last few months is a mirror image of evolutions in the so-called white hat security arena," said Anthony Haywood, Idappcom's chief technology officer.

"The development of the Low Orbit Ion Cannon DDoS utility showed that it is possible for a few concerted Internet users to stage a powerful DDoS attack on major sites such as MasterCard ( and this, in turn, made the cybercriminals behind SpyEye realise its potential and add the 'feature' the online banking trojan," he added.

The Idappcom CTO went on to say that, had the Anonymous/WikiLeaks DDoS utility not been developed, then the world - on both sides of the white/black hat hacker divide - would have remained largely ignorant of what a powerful weapon a DDoS utility is.

SpyEye, he explained, is a form-grabbing trojan horse malware that operates in a similar manner to Zeus but has been marketed by cybercriminals as a lower-cost alternative darkware application that heists banking credentials from infected users' PCs.

The irony of the DDoS enhancement to SpyEye, Haywood says, is that it will push the price of SpyEye rentals to cybercriminals, and so increase the revenue stream for the developers of the trojan.

"Idappcom's in-depth research into darkware-driven side of Internet traffic, makes us realise what a breakthrough the DDoS enhancement to SpyEye really is. We already know that the development team behind the Zeus trojan has also been working on SpyEye since last October ( so it can only a matter of time before Zeus gets this enhancement as well," he said.

"This development really is bad news for those users of the Internet who access their banking system online, as it breathes new life into SpyEye, and prolongs the agony of online banking cybercrime," he added.

"It's to be hoped that the citizen evangelists realise the immense mistake they made in developing such a powerful cybercrime weapon as the LOIC utility, and that the genie really is now well and truly out of the bottle."

For more on the SpyEye DDoS enhancements:

For more on Idappcom:

Press releases you might also be interested in

Weitere Informationen zum Thema "Security":

5 Tipps für die Wahl einer Authentifizierungslösung

Die Kom­bi­na­ti­on aus Be­nut­zer­na­me und Pass­wort ist längst nicht mehr aus­rei­chend, wenn es um die si­che­re An­mel­dung im IT-Netz­werk geht. Um das Si­cher­heits­ni­veau zu er­höhen und An­g­rei­fern die Nut­zung ge­stoh­le­ner Zu­gangs­da­ten zu er­schwe­ren, ra­ten Ex­per­ten zur Mul­ti-Fak­tor-Au­then­ti­fi­zie­rung. Doch wor­auf soll­ten Un­ter­neh­men vor der An­schaf­fung ei­ner sol­chen Lö­sung ach­ten?


Subscribe for news

The subscribtion service of the PresseBox informs you about press information of a certain topic by your choice at a choosen time. Please enter your email address to receive the email with the press releases.

An error occurred!

Thank you! You will receive a confirmation email within a few minutes.

I want to subscribe to the gratis press mail and have read and accepted the conditions.