Trojans rise in the virus war
Posted on 12 Mar 2004 at 12:25
Net users are facing a Trojan wave as hackers seek ways into victims' bank accounts.
The war of the worms may have diverted attention to the NetSkys, Bagles and MyDooms, but make no mistake: a recent surge of Trojans has its collective eyes on your bank account and personal information.
'There's no doubt that we are seeing an increase in interest amongst the malware writing community in Trojan horses and hacking into remote computers. It is more and more common today to find a piece of malware has a "phishing" payload designed to steal confidential data from the infected computer,' said Graham Cluley, senior technology consultant at Sophos. The company has issued alerts for five new Trojans in the last couple of days, with more discovered today.
For example, the latest, LDPinch-G, steals the following information from the infected computer and sends it back to the remote hacker: OS version, memory, CPU and so on; available drives (drive letter, type and free space); hostname and IP address; Windows folder volume information; installation details and data stored in the registry for selected software, including ICQ and Trillian; passwords and confidential information from 'Protected Storage'; POP3 and IMAP server information, usernames and passwords; FTP usernames and passwords; and RAS dial-up settings.
'Once a backdoor has been placed on a computer, not only can information be stolen but in many cases the computer can be exploited for other purposes - such as sending spam. Something like 30 per cent of all spam is being sent unwittingly from innocent computers that have been compromised,' he warned. 'And some Trojans are being actively spammed out.'
The Trojans are mass-mailed by the thousands, rather than relying on the self-mailing abilities of a worm. 'A worm is too obvious,' said Cluley, as the media attention given to MyDoom, for example, meant that it didn't take long for the public to start recognising it. Instead the attackers rely on the same business model as spammers - the more you send out, the greater the likelihood of infections. 'Even if only 0.01 per cent run the Trojan, it can still be worthwhile,' said Cluley.
And they are using an array of methods to entice victims to run them. Bereb-B, for example, claims to be an Xbox emulator that will let you play Xbox games on your computer.
Small-Al captures keypresses when the user visits websites where the names of commonly used banks and banking systems appear in the browser's title bar.
'It really highlights the need not just for antivirus on the desktop but also a personal firewall,' concluded Cluley.
For more information, visit the Sophos website.
Author: Matt Whipp


Printed from www.pcpro.co.uk