These are quick first looks at trends and threats

Written by the security and AV professionals from team K7, meant for the general audience
These are usually articles that go into internals of a virus or deal with security issues
Senior managers speak on areas of interest to them, inside and outside the industry

Posts Tagged ‘spyware’

A Perl of Wisdom

Friday, January 7th, 2011

It is no secret that complicated malware has been on the rise over the last few years. Authors of such malware make a great effort to ensure that their code and its associated payload remain hidden on the infected machine. Stuxnet, for example, was the first malware to include a Programmable Logic Controller rootkit, and had the capability to hide its changes by reprogramming the PLC. Complex malware has become so common that we forget it is still possible to write really simple malware that is capable of exacting as much damage as a complicated one.

Last week we at the K7 Threat Control Lab (K7TCL) spotted one such malware. It is a very simple Perl script converted into a Windows executable using perl2exe. When executed, the malware collects documents from the infected machine and uploads them to the author’s FTP site. Perhaps not as impressive as Stuxnet, but it does the business.

Decompiling the executable gives us the Perl script and the user credentials used to upload the stolen files. Just out of curiosity I decided to follow the malware trail back to the FTP site, and I was in for quite a surprise. The FTP site was not just full of stolen documents, but some came from what appeared to be world-renowned financial institutions.

This malware is detected by K7 Security products as Trojan (001ECA471). Such malware spreads using social engineering techniques, masquerading as something beneficial. Distribution channels tend to include IRC, peer-to-peer networks, newsgroup postings, email, etc. Users are advised to exercise caution while downloading files from untrusted sources.

Lokesh Kumar
Collection Manager, K7TCL

Most security breaches unintentional, claims report

Wednesday, August 26th, 2009

A report on business IT security has played down the notion of malicious “insider” computer security attacks, claiming that the majority of security flaws and breaches happen completely by accident. (more…)

Sears backs down over “spyware” controversy

Friday, June 5th, 2009

One of the USA’s biggest retailers has agreed to settle charges brought by federal authorities that it installed a form of spyware on customer computers. (more…)

Controversial Phorm software faces new battle

Monday, April 20th, 2009

Controversy has resurfaced over the online advertising programme Phorm after Amazon, Wikipedia and the European Commission took action against the software. (more…)

More than half suffer from “computer rage”

Friday, April 3rd, 2009

Shouting or throwing a tantrum at a computer could be beneficial for users after research revealed that half of Brits suffer from “computer rage”. (more…)

Keyloggers blamed as UK credit card fraud rises

Friday, March 20th, 2009

Keylogging software and other forms of computer malware have been blamed after an official report revealed a massive increase in online fraud. (more…)

Who’s watching your key strokes?

Tuesday, March 10th, 2009

Two men were last week convicted for trying to steal £229m from the London branch of a Japanese bank in an elaborate, high-tech scheme that would have been Britain’s biggest bank heist, putting the issue of keylogging devices under the spotlight. (more…)

Hackers attack IE7 patch flaw

Friday, February 20th, 2009

Users of Microsoft’s Internet Explorer 7 browser are being warned that a patch to fix a critical flaw within the software could have opened up users to critical security risks. (more…)

Samsung photoframe packaged with keylogging spyware

Sunday, December 28th, 2008

Owners of a Samsung digital picture frame have been warned by one online retailer that the accompanying software CD. (more…)

65% say “OK” to pop-ups

Thursday, November 20th, 2008

Internet users are struggling to tell the difference between genuine and malicious pop-ups, according to a new report. (more…)