Hi Fred, I just came across this article in Yahoo-news ("Spyware Researchers Discover ID Theft Ring" http://www.eweek.com/article2/0,1895,1845248,00.asp ).
Until now, it was more a question of privacy issues – monitoring people’s surfing habits etc. Now it’s a completely criminal issue. The discovery was during an audit of "CoolWebSearch."
From the article:
"We found the keylogger transcript files that are being uploaded to the servers. We’re talking real spyware stuff…chat sessions, usernames, passwords, bank account information, full names, addresses," said Sunbelt president Alex Eckelberry.
Eckelberry said the sophistication of the operation suggests it’s the work of a "massive identity theft ring" that used keystroke loggers to grab confidential information that could be used to create fake online identities.
I’m not being dramatic. This is the most repulsive thing I’ve ever seen. It’s very painful to see what’s in these log files that are being uploaded in real time. We’re seeing a lot of bank information and usernames and passwords to get in.
Eckelberry said the "CoolWebSearch" payload included a typical adware download that immediately scanned the infected machine for e-mails to use for spam runs. It then sets up a "very intelligent keylogger" that looks for very specific information.
"This won’t get caught by a typical anti-spyware application," he said, noting that the keystroke logger was able to pick up identity-related data for delivery to the remote server.
Scary stuff indeed. —Eran Rosenmann
This story is interesting in part because it lays bare three common misconceptions about malware: 1) that viruses and spyware are