Thursday, August 11, 2005

New Keylogger Steals Passwords From IE

Gregg Keizer writes in TechWeb News:

The keylogger behind a major identity theft ring is especially invasive, said an anti-spyware vendor Thursday as it prepared to roll out a free detection and deletion tool.

Last week, Florida security company Sunbelt Software said one of its researchers had stumbled on a server that held a file containing a large number of usernames, passwords, telephone numbers, credit card and bank account numbers, and other personal information.

All the information, Sunbelt now says, was gathered with a new, potentially damaging keylogger, a small program which secretly steals information.

The keylogger, which has been dubbed Srv.SSA-KeyLogger, filches data from users' Internet sessions, including logins and passwords from online banking sessions, eBay, PayPal, and other programs that use HTML-based forms to collect information. Intuit's Quicken, for instance, often relies on a Web-based interface to download a user's account statement to the personal finance software's database.

Related to the Dumador/Nibu family of Trojans, this keylogger is especially malevolent, said Eric Sites, the vice president of research and development at Sunbelt. "It doesn't sit and wait around for a password to be typed in," he said, a trait of most keyloggers. "Instead, it steals data from Internet Explorer's Protected Storage area."

0 Comments:

Post a Comment

<< Home