Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

SpyEye Trojan Grows In Popularity

SecureWorks : 21 June, 2011  (Technical Article)
Secureworks comments on the SpyEye malware which is growing in popularity amongst the hacking community as a popular toolkit
SpyEye Trojan Grows In Popularity

Following the news that Virgin Media has warned 1,500 customers about a malicious virus called SpyEye, SecureWorks made the following comments about this latest threat. 


“In January 2010, an individual announced the development and sale of a new toolkit known as SpyEye. It was heavily targeted in online criminal web forums as a low-cost, “ZeuS Killer” alternative and aimed to combine the best features of ZeuS and SpyEye into a “best-of-breed” crimeware toolkit.


While its a relative newcomer to the marketplace, the SpyEye Trojan, has quickly grown into one of the most popular toolkits available. Since then there have been various developments including rumours of the sale of Zeus source code to the author of SpyEye; possibly of more interest is that there has been a significant uptick in the use of SpyEye for online banking fraud.


“SpyEye provides a standard set of capabilities that have been commonly found in malware over the past few years and it is able to:


* Modify web content – on-the-fly – without user knowledge

* Steal data entered into HTML forms, such as online banking account credentials, ebay login details – in fact any user submitted information

* Takes screenshots of the web browser when a user navigates to a targeted website

* Instrument additional processes to attempt to steal additional account credentials (e.g. FTP (File Transfer Protocol) and POP3 (Post Office Protocol 3)) from network communications


“Current versions of SpyEye contain rootkit capabilities that attempt to hide the presence of its files from casual examination of an infected system.


In addition, the trojan attempts to make several registry additions and modifications to Internet Explorer settings in an attempt to lower the security posture of the infected computer. “The SpyEye trojan continues to become an increasingly popular choice as a toolkit for criminals looking to profit from online financial fraud. This continuous evolution necessitates monitoring new versions of SpyEye, SpyEye configurations, and any new plugins that are incorporated by individual customers to obtain a full view of the threat landscape posed by SpyEye. As a result, comprehensive monitoring of networks 24-7 in real-time, across multiple levels of security is vital so that organisations have a clear picture of what’s going on both in and outside their networks. Having a true 360 degree view of your network increases the chances of combating sophisticated and targeted attacks at any security layer.”

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo