Big Brother

It seems that development of the main module of SpyEye stopped with last autumn’s version 1.3.48 – and this is now the dominant strain of SpyEye malware.

SpyEye distribution by versions for the period since 1 January 2012*

* Others (7%) includes: 1.2.50, 1.2.58, 1.2.71, 1.2.80, 1.2.82, 1.2.93, 1.3.5, 1.3.9, 1.3.25, 1.3.26, 1.3.30, 1.3.32, 1.3.37, 1.3.41, 1.3.44.

But just because the authors are not developing this platform further, it doesn’t mean that SpyEye is no longer getting new functions. The core code allows anyone to create and attach their own plugins (DLL libraries). I’ve been analyzing SpyEye samples since the start of the year, and I’ve counted 35 different plugins. Below you can see a table with those plugins and the corresponding number of samples in which they were included:

