The promise of continued support and bug fixes might be one of the most attractive features of Kronos, according to Tim Erlin, director of security and risk at Tripwire.
"Anyone running a business requires stable and secure software to do so, and that includes cybercriminals," Erlin said. "Being new, and therefore harder to detect, is [also] a feature in and of itself."
News of this new online banking malware threat comes after law enforcement agencies from several countries at the beginning of June worked with security vendors to shut down a financial fraud botnet based on a Zeus spin-off called Gameover. The FBI estimates that the botnet led to losses of over US$100 million globally.
On Friday, security researchers from CSIS Security Group in Denmark reported that the source code of yet another online banking Trojan called Tinba was leaked on underground forums.
"The cybercriminal underground is a market," Tarakanov said. "Source code leakages and botnet shutdowns have been happening constantly but we see virus writers from time to time come up with new (or based on old but modified) banking malware. It proves that the market wants such tools."
Sign up for Computerworld eNewsletters.