Date: Tue, 23 Jul 2013 20:48:51 -0400
From: mark <whitroth at 5-cent.us>
To: undisclosed-recipients:;
Subject: [WSFA] Russian Trojan With Twist Targets Financial Details
Reply-To: WSFA members <WSFAlist at KeithLynch.net>

Excerpt:
  The malware's developer advertised the base version of the Trojan for
$5,000, but said additional modules are also for sale, including a
plug-in for $2,000 that's designed to disable the financial malware
defense tool Rapport. Kins' developers also promised technical support
for all Windows 8 users and said they have "plans for further
development," including a module that will scan infected PCs for the
presence of software that uses the remote desktop protocol (RDP). If RDP
is present, remote attackers would have an easy-to-use and hard-to-detect
mechanism for gaining full remote control of an infected PC.

Who built Kins? Assuming the software is real, it appears to be built by
Russian or Ukrainian criminals. "Kins does not work on Russian-language
systems. If Russian or Ukrainian specs are detected, the Trojan will
terminate," said Kessem. That suggests that Kins' developer is abiding a
long-standing agreement between cybercriminals and authorities in both of
those countries:
--- end excerpt ---

<http://www.informationweek.com/security/vulnerabilities/russian-trojan-with-twist-targets-financ/240158779>

Which implies there's a better name for the malware: either privateer or
bucconeer, depending on whether there are actual or just tacit agreements.

          mark