Cloud Keyloggers?

JMH

JMH

Banned
Local time
6:02 AM
Messages
6,448
Keystroke-logging computer viruses let crooks steal your passwords, and sometimes even read your e-mails and online chats. Recently, however, anonymous criminals have added insult to injury, releasing a keylogger strain that publishes stolen information for all the world to see at online notepad sharing sites such as pastebin.com.





Last week, security experts at BitDefender discovered a continuing stream of new entries at pastebin.com and pastebin.ca that included text files laid out in the format typically used by keystroke-logging malware. For example, each keypress in the log posted to pastebin.com is preceded by a listing of the program currently in focus on the victim’s screen, and each function key pressed is spelled out, so that when the victim hits the backspace or down arrow key, for instance, the keystroke log will show a “[back]” or “[down]” entry in place of each corresponding keypress (see the screenshot to the right).

Typically, keystroke logging malware will submit stolen data to a Web server specified in the malware that the attacker controls. BitDefender theorizes that those responsible for creating this keylogger variant may have chosen pastebin.com because it is unlikely to be blocked by Web filters or malware blacklists.

I kept the pastebin.com home page open most of the weekend and refreshed it periodically, and confirmed that a relatively large number of keylogger records were being uploaded in real time to the free service. To the right is one of many screenshots I took of the files I found on Pastebin.com.

Pastebin owner Jeroen said Pastebin is aware of the problem and is working on a new version of the site that should block these automated keyloggers from posting their content there.
Click to expand...
Source -
Cloud Keyloggers? — Krebs on Security
 

My Computer

Computer Manufacturer/Model Number
LAPTOP. HP Pavilion dv7-4010TX .
OS
Win 7 Ultimate 64-bit. SP1.
CPU
Intel i7 -720QM.[1.6GHz Turbo Boost 2.8GHz. 6MB Cache.]
Memory
8 DDR 3 RAM. 1066MHZ
Graphics Card(s)
ATI 1024 MB. DDR3. Radeon HD5650
Monitor(s) Displays
17.3" High Definition Brightview LCD. LED Backlit.
Screen Resolution
1600 x 900.
Hard Drives
640GB
Case
Laptop / notebook.
Mouse
Logitech Anywhere mouse. MX.
Internet Speed
ADSL [ but too slow ]
Interesting info. But i'm interested whats the best anti keylogging software that can effectively detect and remove keyloggers.
 

My Computer

Computer Manufacturer/Model Number
Self-built on 31/1/11
OS
Windows 7 Ultimate 64 bit
CPU
Intel i5 2400 @ 3.80 GHz
Motherboard
Ashrock P67 Extreme 4
Memory
Mushkin Silverline 996768 4GB
Graphics Card(s)
MSI GTX 460 760MB Cyclone Overclocked
Sound Card
Integrated
Monitor(s) Displays
Asus VH202T 20" Widescreen
Screen Resolution
1600x900
Hard Drives
SSD: OCZ Vertex 2 60GB
HDD: Hitachi Deskstar 7K1000.C 500GB
PSU
Silverstone Strider 500W
Case
Zalman Z9 Plus
Cooling
Cooler Master Hyper 212 Plus
Keyboard
Logitech Wireless Keyboard MK520
Mouse
Logitech M310
Internet Speed
3 Mbps
Other Info
UEFI: Ashrock P67/
Network Card :TP-Link WN350GD/
WEI: 7.4/
ODD: Lite-On IHAS324
I visited pastebin.com and in 5 minutes had over 200 username.password combos for all sorts of sites... mostly facebook but also amazon.com, dating sites, porn sites, netflix, aol, google... didn't notice any banks but I'm sure they're out there too. This is unreal.
 

My Computer

Computer Manufacturer/Model Number
Sony VGN-AR670
OS
Windows 7 64bit
You must log in or register to reply here.
Back
Top