Http://krebsonsecurity.com/2010/09/. Welcome to SpyEye Front-end interface called “CN 1” or “Main Access Panel.”

http://krebsonsecurity.com/2010/09/

Welcome to SpyEye

Front-end interface called “CN 1” or “Main Access Panel.”

Create task for billing a CCSpyEye Console

More billinghammer

Bot List

Bot Net Statistics

Upload a Task Fileinstruct the bot to go to a specific sit

(to generate clicks for possible ad revenue) or to possibly download more malware

Uploads configuration filesUpdates SpyEye binary files for the bots to download

Virtest is a website in Eastern Europe that allows logged-in users to scan binary files and exploit

packs to test if they are being detected by antivirus engines

Settings button

Socks 5 backconnetAllow the bot master to create reverse connections to the bot

SYN 1 or the Formgrabber Access Panel

Amount of data being collectedDate & Time

Search the database of stolen information

Search for a specific bankHhows the entire HTTP request

and all of the data the user sent to the bank

User namePassword

Overview of the sites that the infected computers

Bot master creates a .TXT file that will display FTP user names and passwords

Bot herder can specify an email address to receive a copy of the C&C server’s database

SpyEye can also capture screenshots from infected machines

For ExampleScreenshot of a user at home authenticating

with his/her bank login by using an onscreen keypad

Screenshot displaying all of the user’s account numbers and

how much money was in each account

Steals only Bank of America credential

Displays stolen credit card informationto use the user’s credit cards for the

Create task for Billing

Security certificates that SpyEye has stolen