Post Tue Oct 16, 2007 3:42 pm

Gozi

My boss listened to a presentation at the SecureWorld Expo that was held here in Detroit last week regarding this malware. He forwarded this link to me with a good article and short video presentation about it.

http://www.cio.com/article/135500/

It's in regards to some Russian hacking groups and networks, and a 'trojan' that was created. The short of it is that this trojan is installed on the victim system. The attackers sell these infected machines like bots. However, they sell them for 30-day (for example) increments. For those 30 days, the buyer can login to a web portal and view all sorts of information (just like a standard trojan) about the victim machine. The buyer is hoping to collect identity information from their 'project,' or group, of infected machines. Great read, real interesting.