Posts Categorized: Keyloggers


IRS Tax “Warning” Fraud Crosses the Pond, Targets the UK

by

For several months, we’ve been seeing spam and phishing Web sites which purport to be IRS notifications of delinquent non-payment of income taxes. Who can blame the fraudsters — almost no three letter agency of the US government inspires more dread and fear than good old Internal Revenue. In the UK, the counterpart to the IRS is called Her Majesty’s Revenue & Customs (or HMRC), even though it is the British government, and not the Queen’s Coldstream Guards, who dutifully stick a fork in the populace to pay up. The income tax filing deadline in the UK (for people who […]

Continue Reading »

Trojan Decodes Captchas Using Stolen Commercial Tools

by

A new Trojan quietly circulating in the wild uses components from a commercial optical character recognition (OCR) application to decode captchas, those jumbled-text images meant to help a website discern human activity from automated bots. The OCR-using captcha breaking tool is just one component of the Trojan. Its main purpose appears to be to fill out contest entries, online polls, and other forms relating to marketing campaigns originating in the US, and it uses the OCR-cracking software in order to read the captchas and submit the form entries, on pages where the website presents a captcha to the user. And […]

Continue Reading »

One Click, and the Exploit Kit’s Got You

by

After all the brouhaha surrounding the NYTimes.com website hosting ads which spawned rogue antivirus Fakealerts last weekend, I spent a considerable amount of time looking at so-called exploit kits this week. These are packages, made up of custom made Web pages (typically coded in the PHP scripting language), which perform a linchpin activity for malware distributors. Namely, they deliver the infection to the victim, using the most effective methods, based on parameters which help identify particular vulnerabilities in the victim’s browser, operating system, or applications. There’s no indication that an exploit kit was used by the attackers in the NYTimes.com […]

Continue Reading »

“Shipping Confirmation” Malware on the Rise

by

As autumn approaches, the world typically sees an increase in the number of online shopping trips, as people take advantage of bargains from late-year sales, and prepare for various holidays. And, right on cue, we’re also seeing an increase in the number of Trojans distributed in the guise of “shipping confirmation” email messages. And these Trojans are packing a triple threat of backdoors designed to steal logins and take command of infected PCs. The Trojan arrives attached to a vaguely-worded email message thanking the recipient for their order of a high-ticket item. Previous versions of this same kind of message […]

Continue Reading »

The WoW Catphishers are Biting

by

The body’s barely cold from last week’s BlizzCon, but the script kiddies who write phishing kits have been hard at work putting their best foot forward, crafting account-stealing code that targets gullible WoW players who want an early peek at the just-announced Cataclysm expansion. These Catphish pages, linked off of YouTube video postings that offer promises of early, exclusive access to the expansion, lift graphics and design characteristics directly from the pages hosted by Blizzard, the publisher of the WoW franchise. Unfortunately for the script kiddies making and hosting the pages, they’re making some of the most boneheaded mistakes imaginable. […]

Continue Reading »

Steam Users Targeted by Phishers

by

A phishing campaign that started around the beginning of the year, targeting gamers who use Valve Software’s Steam network, continues unabated but with a twist: The phishers have registered dozens of domain names, such as trial-steam.tk or steamcommunity###.tk (where the ### can be a two or three digit number), which are used to host the phishing pages. The pages appear to be a “Steam Community” login page which looks identical to Valve’s Steam Community Web site. There are a few ways you can quickly identify whether you’re on the right page, or a fake. For one, the real Steam Community […]

Continue Reading »

Gamers: Fight the Phishers

by

Last week, I posted a blog item that explained how gamers face a growing security threat in phishing Trojans — software that can steal the passwords to online games, or the license keys for offline games, and pass them along to far-flung criminal groups. We know why organized Internet criminals engage in these kinds of activities, because the reason is always the same: There’s a great potential for financial rewards, with very little personal risk. So I thought I’d wrap up this discussion with some analysis of how the bad guys monetize their stolen stuff. After all, how do you […]

Continue Reading »

If You’ve Got Game, Phishers Want Your Stuff

by

Since the beginning of the year, my colleagues in the Threat Research group and I have been researching an absolutely astonishing volume of phishing Trojans designed solely to steal what videogame players value most: the license keys that one would use to install copies of legitimately purchased PC games, and/or the username and password players use to log into massively multiplayer online games, such as World of Warcraft. I can only imagine that it takes very little effort for the jerks behind this scheme to retrieve thousands of account details. (We began covering this issue briefly last week.) With such […]

Continue Reading »

5 PC Gaming Threats and How To Beat Them

by

By Mike Kronenberg E3, the annual trade show for the computer and video games industry, kicked off in Los Angeles yesterday, not long after the unofficial start of summer on Memorial Day. These events got me thinking about what many students might do with their free time over the next three months. I imagine that for legions of young PC gamers, this could mean hour after blissful hour spent honing their skills as a blacksmith and earning gold in their favorite online fantasy universe. You can bet cybercriminals are imagining the same thing, too – and banking on it.  In […]

Continue Reading »