(Originaly published on VentureBeat)
Imagine this scenario: A criminal breaks into a bank and finds another criminal already hard at work cracking the safe. What would happen next? Would they collaborate, or attack each other? Share the loot? Anything's possible when it comes to thieves meeting in person. But what happens when the crooks aren’t people, but rather different types of malware targeting the same network?
The creators aim high
The developers of Thanatos have high hopes for their brainchild; they advertise their product as "not another Zeus look-a-like" and describe some of their plugins as faster than those of Zeus. This comparison to the Gameover Zeus campaign – which distributed ransomware and banking Trojans to millions of machines in 2014 – is quite disturbing. With its new abilities, Thanatos might be very appealing to low-level cybercriminals who are looking for revenue but don't have the technical know-how to generate it.
The malware's abilities show us just how red the Cybercrime waters are. Developers go to great lengths to make sure no other criminal will get a piece of the pie, and use selective malware detection to achieve this. The price tag is relatively cheap, and if adopted by cybercriminals, this could be the next Zeus.
Combating such a threat won't be simple. It appears as if the developers plan on evolving their malware, turning it into a more flexible attack platform. But lest we forget that the security industry has also been evolving since the days of the Zeus campaign. The rise of advanced, affordable malware might push more security companies to create cyber deception solutions – products that target the attackers themselves and not just their attack tools.