[funsec] Keyloggers: How They Work and How to Detect Them (Part 1)
fergdawg at netzero.net
Sat Mar 31 16:23:57 CDT 2007
And for what it's worth, there's a reason why the SANS ISC set
their ThreatCon Level to "Yellow" today...
- ferg
-- "Fergie" <fergdawg at netzero.net> wrote:
A very nice write-up by Nikolay Grebennikov over at Viruslist.com.
In February 2005, Joe Lopez, a businessman from Florida, filed a suit
against Bank of America after unknown hackers stole $90,000 from his Bank
of America account. The money had been transferred to Latvia.
An investigation showed that Mr. Lopez's computer was infected with a
malicious program, Backdoor.Coreflood, which records every keystroke and
sends this information to malicious users via the Internet. This is how the
hackers got hold of Joe Lopez's user name and password, since Mr. Lopez
often used the Internet to manage his Bank of America account.
However the court did not rule in favor of the plaintiff, saying that Mr.
Lopez had neglected to take basic precautions when managing his bank
account on the Internet: a signature for the malicious code that was found
on his system had been added to nearly all antivirus product databases back
Joe Lopez's losses were caused by a combination of overall carelessness
and an ordinary keylogging program.
- ferg
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
ferg's tech blog: http://fergdawg.blogspot.com/