Low-Cost Crimeware Kit Gaining Popularity in Underground Markets

When it comes to malware and cybercriminals, sometimes “cheap” and “fast” clearly trump “tested” and “sophisticated.” That’s the case with Rubella Macro Builder, a recently discovered crimeware kit that, despite being new and relatively unsophisticated, has been gaining popularity among cybercriminals – including members of the suspected Russian gang behind the Panda banking malware.

Security vendor Flashpoint, which issued an advisory on the threat this week, described Rubella as enabling criminals to generate Microsoft Word (.doc) and Microsoft Excel (.xls) payloads. Since it surfaced in February, Rubella Macro Builder has been used as a first-stage loader in one of the most recent Panda campaigns. The group behind the distribution appears to have targeted victims through various social media platforms and through webinjects, Flashpoint says.

Read more on DarkReading about the Rubella Macro Builder, which costs only $150 for a three-month subscription and, according to Flashpoint, presents a threat to enterprises.




