- Apr 25, 2013
- 5,355
A new surge of malware has been discovered which goes on to infect hundreds of thousands of computers worldwide and allegedly steals users’ social and banking site credentials.
Few days back, a list of 5 million combinations of Gmail addresses and passwords were leaked online. The search engine giant, Google said that Gmail credentials didn’t come from the security breaches of its system, rather the credentials had been stolen by phishing campaigns and unauthorized access to user accounts.
Just now, we come across another similar incident where cyber criminals are using a malware which has already compromised thousands of Windows users worldwide in an effort to steal their Social Media account, Online account and Banking account Credentials.
A Greek Security Researcher recently discovered a malware sample via a spam campaign (caught in a corporate honeypot), targeting large number of computers users rapidly. He investigated and posted a detailed technical analyses of the malware on his blog.
After reverse engineer the malware sample file, he found that the cybercriminals are using a combination of software AutoIT (Automate day-to-day tasks on computers) and a "commercial" Keylogger named "Limitless Keylogger" to make it FUD i.e. Fully Undetectable from static analysis.
Keylogger is a critical type of software program for cyber criminals, which records every input typed into the keyboard and easily detects passwords for users’ Email accounts, Social Media accounts and Online Bank accounts.
This malicious application captures every keystrokes users press and send them to a specified email address linked to the cyber criminal. More interestingly, the malware uses AutoIT in order to evade detection by Antivirus programs.
Full Article
Few days back, a list of 5 million combinations of Gmail addresses and passwords were leaked online. The search engine giant, Google said that Gmail credentials didn’t come from the security breaches of its system, rather the credentials had been stolen by phishing campaigns and unauthorized access to user accounts.
Just now, we come across another similar incident where cyber criminals are using a malware which has already compromised thousands of Windows users worldwide in an effort to steal their Social Media account, Online account and Banking account Credentials.
A Greek Security Researcher recently discovered a malware sample via a spam campaign (caught in a corporate honeypot), targeting large number of computers users rapidly. He investigated and posted a detailed technical analyses of the malware on his blog.
After reverse engineer the malware sample file, he found that the cybercriminals are using a combination of software AutoIT (Automate day-to-day tasks on computers) and a "commercial" Keylogger named "Limitless Keylogger" to make it FUD i.e. Fully Undetectable from static analysis.
Keylogger is a critical type of software program for cyber criminals, which records every input typed into the keyboard and easily detects passwords for users’ Email accounts, Social Media accounts and Online Bank accounts.
This malicious application captures every keystrokes users press and send them to a specified email address linked to the cyber criminal. More interestingly, the malware uses AutoIT in order to evade detection by Antivirus programs.
Full Article
