Skip to main content

Hacker Releases Source Code Online, Banking May Come Under Attack

By April 11, 2017March 1st, 2023Cybersecurity

If you haven’t heard of the Trojan called “Nuclear Bot,” you probably will have the dubious honor of seeing it in action soon. Its author just released the source code on the Dark Web, and that’s very bad news.

Nuclear Bot is a devastatingly effective Trojan. Although designed to target banks, there’s no reason why it couldn’t be used on any business.

It works by opening up hidden remote desktop sessions and lying in wait. Then, when an unsuspecting infected user provides login credentials to a banking website, it allows the hacker controlling the covert remote session to initiate rogue transactions.

Since valid login credentials have already been provided and recognized by the bank’s servers, it will happily process those requests, just as if they had been initiated by the legitimate owner of the account.

Unfortunately, the release of the source code means that less skilled hackers who lack the talent to code something like this for themselves now have easy access to everything they need to create surprisingly effective attacks.

We’ve seen source code releases in the past, but the overwhelming majority of the time, those are accidental. What makes the release of Nuclear Bot especially noteworthy is that the author seems to have done it intentionally, and of his own accord.

He did make some attempt to market the code to other hackers, but apparently ran afoul of the hacking community in general, breaking several unspoken rules and conventions and gaining a reputation as being something of a spammer.

While the reasons behind his decision to release the source code remain a mystery, if the past is any indication, we can expect to see a flurry of new attacks as the broader hacking community begins putting the code to use.

Even without this release, 2017 was predicted to eclipse 2016 in terms of the number of attacks. Now, that is virtually guaranteed.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.