Names | Atmos | |
Category | Malware | |
Type | Banking trojan, Info stealer, Credential stealer | |
Description | (Heimdal Security) More than 6 months after its creator was sentenced to prison, the infamous Citadel malware resurges in a modified form, called Atmos. The new strain is currently targeting banks in France and it was also spotted being delivered with Teslacrypt. From Zeus to Citadel to Atmos – the years may have passed, but cyber criminals are not ready to give up on using the source code it all began with. In fact, this new Citadel variant that researchers have analyzed is modified sufficiently for it to have a new name. That’s why Malwarebytes dubbed it “Atmos” when they first came across it. | |
Information | <https://heimdalsecurity.com/blog/security-alert-citadel-trojan-resurfaces-atmos-zeus-legacy/> | |
AlienVault OTX | <https://otx.alienvault.com/browse/pulses?q=tag:atmos> |
Last change to this tool card: 24 May 2020
Download this tool card in JSON format
Changed | Name | Country | Observed | ||
Unknown groups | |||||
_[ Interesting malware not linked to an actor yet ]_ |
1 group listed (0 APT, 0 other, 1 unknown)
Digital Service Security Center Follow us on |
Report incidents |
|
+66 (0)2-123-1227 | ||
[email protected] |