Ramnit Evolution – From Worm to Financial Malware

[SysAdMini]

https://www.trusteer.com/blog/ramnit-evolution-%E2%80%93-worm-financial-malware

though Ramnit employs old generation malicious techniques, we kept it on our malware radar, and a few weeks ago we started seeing something interesting. Apparently, Ramnit morphed into a financial malware, or at least was used as a platform to commit financial fraud (we’re still investigating its modular architecture). Once installed Ramnit will continuously communicate with the Command and Control (C&C) server, reporting on its status and receiving configuration updates; inbound and outbound communication is over SSL (https).