More Malicious Malware
Hi Fred, I just came across this article in Yahoo-news ("Spyware Researchers Discover ID Theft Ring" http://www.eweek.com/article2/0,1895,1845248,00.asp ).
Until now, it was more a question of privacy issues - monitoring people's surfing habits etc. Now it's a completely criminal issue. The discovery was during an audit of "CoolWebSearch."
From the article:
"We found the keylogger transcript files that are being uploaded to the servers. We're talking real spyware stuff…chat sessions, usernames, passwords, bank account information, full names, addresses," said Sunbelt president Alex Eckelberry.
Eckelberry said the sophistication of the operation suggests it's the work of a "massive identity theft ring" that used keystroke loggers to grab confidential information that could be used to create fake online identities.
I'm not being dramatic. This is the most repulsive thing I've ever seen. It's very painful to see what's in these log files that are being uploaded in real time. We're seeing a lot of bank information and usernames and passwords to get in.
Eckelberry said the "CoolWebSearch" payload included a typical adware download that immediately scanned the infected machine for e-mails to use for spam runs. It then sets up a "very intelligent keylogger" that looks for very specific information.
"This won't get caught by a typical anti-spyware application," he said, noting that the keystroke logger was able to pick up identity-related data for delivery to the remote server.
Scary stuff indeed. ---Eran Rosenmann
This story is interesting in part because it lays bare three common
misconceptions about malware: 1) that viruses and spyware are always created by
lone sociopath cyber vandal types or shady advertisement distribution
organizations; 2) that you can predict today what tomorrow's malware is going to
do to your system; and 3) that one anti-malware solution is going to protect you
against all threats.
Increasingly, malware is created and unleashed by criminal organizations out to
commit one kind of fraud or another, in this case aggressive identity theft.
These organizations are locked in an "arms race" against the anti-malware
developers, and seek creative new ways to bypass existing defenses.
Although the methods and motives of malware keep changing, the rules of thumb
for combating it remain constant: Use a variety of reputable tools, keep them up
to date, and stay current with operating system and application software patches
and updates. More details: "5 Essential Steps To PC Security"
(http://www.informationweek.com/LP/showArticle.jhtml?articleID=177100010)
