funsec mailing list archives
Keyloggers: How They Work and How to Detect Them (Part 1)
From: "Fergie" <fergdawg () netzero net>
Date: Sat, 31 Mar 2007 21:12:02 GMT
A very nice write-up by Nikolay Grebennikov over at Viruslist.com.

[snip]

In February 2005, Joe Lopez, a businessman from Florida, filed a suit against Bank of America after unknown hackers stole $90,000 from his Bank of America account. The money had been transferred to Latvia. An investigation showed that Mr. Lopez's computer was infected with a malicious program, Backdoor.Coreflood, which records every keystroke and sends this information to malicious users via the Internet. This is how the hackers got hold of Joe Lopez's user name and password, since Mr. Lopez often used the Internet to manage his Bank of America account.

However the court did not rule in favor of the plaintiff, saying that Mr. Lopez had neglected to take basic precautions when managing his bank account on the Internet: a signature for the malicious code that was found on his system had been added to nearly all antivirus product databases back in 2003. Joe Lopez's losses were caused by a combination of overall carelessness and an ordinary keylogging program.

[snip]

More: http://www.viruslist.com/en/analysis?pubid=204791931

- ferg

--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawg(at)netzero.net
ferg's tech blog: http://fergdawg.blogspot.com/