Uncovering a C&C server used by hackers to control the infected victims. The malware analyses done on victim’s machines reveals that malware from KINS family is targeting specific Italian bank users with ATSEngine, with capability to dynamic inject a code in the victims browser and managing the “drops” in full automatic way. The attack campaign is ongoing right now and we recovered hacked accounts. Beside that we reveal the “drops” used to collect the stolen money from the customers.
Continue reading “Kins origin malware with unique ATSEngine.”