riderx
August 8th, 2005, 09:01 PM
Spyware researchers picking apart one of the more notorious spyware programs have stumbled upon what appears to be a massive identity theft ring hijacking confidential data from millions of infected computers.
Sunbelt Software Inc., makers of the enterprise-grade CounterSpy spyware protection product, made the discovery during an audit of "CoolWebSearch," a program that routinely hijacks Web searchers, browser home pages and other Internet Explorer settings.
During the research, Sunbelt researcher Patrick Jordan deliberately installed the "CoolWebSearch application on a machine and immediately noticed that the infected system became a spam zombie that was placing callbacks to a remote server.
When Jordan visited the remote server, he was shocked to find that it was being used to distribute sensitive personal information from millions of PC users infected by the spyware application.
"We found the keylogger transcript files that are being uploaded to the servers. We're talking real spyware stuff…chat sessions, usernames, passwords, bank account information, full names, addresses," said Sunbelt president Alex Eckelberry.
Read more here about the many faces of spyware.
In an interview with Ziff Davis Internet News, Eckelberry said the sophistication of the operation suggests it's the work of a "massive identity theft ring" that used keystroke loggers to grab confidential information that could be used to create fake online identities.
go and read the rest here man hmm
http://news.yahoo.com/s/zd/20050808/tc_zd/157623
Sunbelt Software Inc., makers of the enterprise-grade CounterSpy spyware protection product, made the discovery during an audit of "CoolWebSearch," a program that routinely hijacks Web searchers, browser home pages and other Internet Explorer settings.
During the research, Sunbelt researcher Patrick Jordan deliberately installed the "CoolWebSearch application on a machine and immediately noticed that the infected system became a spam zombie that was placing callbacks to a remote server.
When Jordan visited the remote server, he was shocked to find that it was being used to distribute sensitive personal information from millions of PC users infected by the spyware application.
"We found the keylogger transcript files that are being uploaded to the servers. We're talking real spyware stuff…chat sessions, usernames, passwords, bank account information, full names, addresses," said Sunbelt president Alex Eckelberry.
Read more here about the many faces of spyware.
In an interview with Ziff Davis Internet News, Eckelberry said the sophistication of the operation suggests it's the work of a "massive identity theft ring" that used keystroke loggers to grab confidential information that could be used to create fake online identities.
go and read the rest here man hmm
http://news.yahoo.com/s/zd/20050808/tc_zd/157623