Malicious Keyloggers Run Rampant on Net


Keylogging programs are the epitome of online stealth, and they're also a mushrooming problem on the Internet, where identity and intellectual property thefts are fueling an explosion of key-capture tools.



Reports of new keylogging programs soared higher this year, as part of a wave of multifunction malware with integrated keylogging features, according to VeriSign Inc.'s security information company iDefense Inc. The programs often evade detection by anti-virus tools and can be difficult to detect once installed, experts warn.

More than 6,000 keylogging programs will be released by the end of this year, according to projections by iDefense. That's an increase of 2,000 percent over the last five years, company officials said.

Malicious keyloggers are increasingly part of modular programs that contain Trojan horse, spamming and remote control features, as well, Dunham said.

Anti-virus companies have developed signatures that will stop many of those programs before they can be installed, but new programs with unique signatures are readily available from malicious code download sites. In some cases, the programs' source code can be purchased so buyers can create their own keylogger variants, Dunham said.

Keyloggers are particularly common in countries where online banking fraud is a problem, such as Brazil, said Joe Stewart, a senior security researcher at Lurhq Corp., in Chicago. The keyloggers are coupled with Trojan programs, such as the Banker and PWSteal families, and are programmed to spring to life when victims type the URL of a specific bank or banks into their Web browser or when they launch a Web page with a specific name, Stewart said.


More here:
http://www.eweek.com/article2/0,1895,1893515,00.asp