Incidents

The Persistence of Memory – Chapter one: keyloggers

Today’s arrest of Yaron Bolondi set me thinking about cyber crime and keyloggers. It comes as no surprise that keyloggers have become the tool of choice for cyber criminals. Three months ago I wrote about my experience with a public computer that I was using to access the Internet, which was infested with keyloggers and screen capturing tools.

Last week we received a new Trojan, which called back home through a hacked ftp account on a public hosting server. The Trojan was constantly monitoring the screen, starting to capture screenshots whenever the page currently accessed in IE containes keywords such as “bank” or “account”. Additionally, the Trojan included the usual keylogger component and a module which intercepted all emails sent from the system.

We were glad to notice the above technique was almost useless against e-banking systems which rely on one-time-pad authentication or hardware tokens. Of course, everything else it at risk.

If you have to rely on e-banking – and I have to say I’m a great fan of it – choose your bank wisely. One time pad authentication or hardware tokens are a “sine qua non”. Assuming that the bank’s internal bank network isn’t breached, your money should be safe.

The Persistence of Memory – Chapter one: keyloggers

Your email address will not be published. Required fields are marked *

 

Reports

APT trends report Q3 2024

The report features the most significant developments relating to APT groups in Q3 2024, including hacktivist activity, new APT tools and campaigns.

Subscribe to our weekly e-mails

The hottest research right in your inbox