14 DAY TRIAL // Security researcher and blogger Brian Krebs has been closely monitoring the Citadel Trojan’s development process and his latest findings reveal that a tight community was formed between the authors and the customers, making the project evolve rapidly.
In practice, the results were observed by Seculert researchers that identified 20 different Citadel botnets since December 17, 2011, when the first variant was discovered. The experts clearly observed how each new version came with new modules and features that only made the botnet more efficient and more dangerous.
Last time we’ve learned about all the perks that came with being a Citadel customer. They not only received full support, but they were also allowed to cast votes on what new features they would like to see in the later variants of the Trojan.
In the upcoming variants, security solutions providers may identify new features such as a plug-in that looks for specific files on the targeted computer, a mini-antivirus to clean up other pieces of malware and adware that may interfere with Trojan’s functionality, along with seven other applications that are currently up for debate.
While some of the features may look great, other members of the community take their time to warn about the downsides that might result after the implementation of certain functionalities, but also give precious advice for the design of the new module.
Finally, it turns out that a malware author’s life is not all computers, viruses and malicious deeds performed in a poorly lit room. The creators of Citadel only work daily from 10 AM to 00:30 AM the next day, on the weekends the Help Desk being closed.
However, they allow customers to leave offline messages that will be handled on Monday, to ensure that no costumer is displeased.