Latest news
Kaspersky Lab classifies such programs as Trojan-Spy or Trojan-PSW. The graph below shows the increase in the number of modifications in this category:
Figure 1. Growth in the number of malicious programs designed to steal data
Spy programs arrive on victim machines in a number of ways: when the user visits a malicious website, via email, via online chat, via message boards, via instant messaging programs etc. In most cases, social engineering methods are used in addition to malicious programs so that users behave as cyber criminals want them to. One example is one of the variants of Trojan-PSW.Win32.LdPinch, a common Trojan that steals passwords to instant messaging applications, mailboxes, FTP resources and other information. After making its way onto the computer, the malicious program sends messages such as
"Take a look at this
< link to malicious program >
Great stuff :-)
Most recipients click on the link and launch the Trojan. This is due to the fact that most people trust messages sent by ICQ, and don’t doubt that the link was sent by a friend. And this is how the Trojan spreads - after infecting your friend’s computer, the Trojan will send itself on to all addresses in your friend’s contact list, and at the same time will be delivering stolen data to its author.
One particular cause for concern is that nowadays even inexperienced virus writers can write such programs and use them in combination with social engineering methods. Below is an example: a program written by someone who is not very proficient in English – Trojan-Spy.Win32.Agent.ih. When launched, the Trojan causes the dialogue window shown below to be displayed
Figure 2. Dialog window displayed by Trojan-Spy.Win32.Agent.ih
Spotlight
The CSO perspective on healthcare security and compliance
Posted on 20 May 2013. | Randall Gamby is the CSO of the Medicaid Information Service Center of New York. In this interview he discusses healthcare security and compliance challenges and offers a variety of tips.
Cyber espionage campaign uses professionally-made malware
Posted on 20 May 2013. | A massive cyber espionage campaign has been hitting government ministries, IT companies, academic research institutions, and more.
Ransomware adds password stealing to its arsenal
Posted on 17 May 2013. | Microsoft researchers are warning about a new variant of the well-known Reveton ransomware doing rounds.
IT security jobs: What's in demand and how to meet it
Posted on 15 May 2013. | Let's say you want a career in information security, where do you start? What credentials do you need? What are employers looking for? Read on to find some answers.
Hacking charge stations for electric cars
Posted on 15 May 2013. | Ofer Shezaf talks about what charge stations really are, why they have to be ‘smart’ and the potential risks created to the grid, to the car and most importantly to its owner’s privacy and safety.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
