Latest news
One of Pinch’s main features is that it allows attackers to specify the data that Trojans steal. One of the interface tabs, PWD, allows malicious users to select the type of password to be stolen by the Trojan: from email passwords to passwords kept by the system tools. Also, it is possible to order the Trojan to encrypt this data when sending it, so that nobody else can read it.
The SPY tab lets criminals turn Trojans into keyloggers that capture all key strokes. Trojans can also be designed to take screenshots on the infected computer, steal browser data or look for certain files on the target system.
A feature called NET allows attackers to use Pinch to turn the infected computer into a proxy, so that it can be used to perform malicious or criminal activities on the Internet without leaving any trace. Trojans can also be turned into downloaders that download other executable files onto the compromised computer.
The BD tab allows crooks to specify the ports that the Trojan will open on the infected computer, thus giving backdoor features to Trojans. The ETC tab allows the Trojans to be hidden through techniques including rootkits.
One of the most dangerous features of Pinch can be exploited through the WORM tab, which allows criminals to add worm features to their creations, so that they can spread by their own means, infecting other files or sending themselves out by email.
Pinch also lets users carry out other actions: turn infected computers into zombie computers, pack Trojans to make detection more difficult, and kill certain system processes, particularly those of security solutions.
Finally, Pinch lets users define the way in which stolen data must be sent to its creator. Cyber-crooks can receive data via SMTP, HTTP or, simply order the Trojan to leave stolen data in a file on the infected computer to retrieve it later on through a port opened by the Trojan itself.
Pinch is accompanied by a parser program that allows users to decrypt the reports created by the Trojan with the stolen data and perform searches in them, so that cyber-crooks can easily identify the most profitable data.
Spotlight
IT security jobs: What's in demand and how to meet it
Posted on 15 May 2013. | Let's say you want a career in information security, where do you start? What credentials do you need? What are employers looking for? Read on to find some answers.
Is Microsoft is reading your Skype communications?
Posted on 15 May 2013. | The question of whether Skype allows U.S. intelligence and law enforcement agencies to access the communications exchanged by its users has still not been adequately answered by Microsoft.
Internet Explorer best at blocking malware
Posted on 14 May 2013. | While Chrome’s malware download protection improved significantly, Internet Explorer 10 continues to outperform the other browsers with a block rate of 99.96%.
Researcher refuses to help Saudi telco to spy on people
Posted on 14 May 2013. | You would think that a Saudi Arabian telecom firm interested in monitoring its users' mobile communications would not be asking a well-known pro-privacy researcher for help, but you would be wrong.
Malicious browser extensions are hijacking Facebook accounts
Posted on 13 May 2013. | Facebook users - especially those in Brazil - are being targeted with malicious browser extensions trying to hijack Facebook profiles, warns Microsoft.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
