home contact keylogger.org add keylogger.org to favorites set keylogger.org as homepage Anti-Keylogger.org
Keylogger testing and reviews

Keylogger testing policy

Press-releases

Keylogger developers

Links 		Monitoring Software Keylogger articles

Get Free Software

Keylogger chat

Keylogger forum

Sponsorship & services
Advertising
Your Ad Here
Site News
Current section

September 24, 2008

New version of PC Activity Monitor Pro (PC Acme Pro) added!
World news

October 10, 2008

Parity provides free online identity management

High-tech bank robbers phone it in

Spread security risks with diversity

Corporate data loss not down to hackers

First quantum encrypted network goes live

Apple Posts Security Update 2008-007

NT hacker blames 'segregation'

ASIC counter-spy to be a tough search

Scotland tightens security for mobile health-data

Home Office publishes data-sharing guidance

EDS loses unencrypted armed-forces data

Data-center security tools to not overlook

Microsoft promises huge patch day next week

Firefox add-on blocks 'clickjacking' attacks
Newsletter
E-mail: 
Subscribe
Send to friend
E-mail: 
Send
Voting

We are planning to redesign our site. We would like You to express your opinion in this respect. Would you like to leave the site as it is? What changes would you like to suggest?

Yes, I like the site as it is.
It's ok, but some changes are necessary.
It should be changed completely.
VotingView results
DISCLAIMER: Logging other people's keystrokes or breaking into other people's computer without their permission can be considered illegal by the courts of many countries. The monitoring software reviewed here is ONLY for authorized system administrators and/or owners of computers. We assume no liability and are not responsible for any misuse or damage caused by the keylogging software. The end user of this software is obliged to obey all applicable local, state, federal and other laws in his country of residence.

July 02, 2008

Trojan lurks, waiting to steal admin passwords

Writers of a password-stealing Trojan horse program have found that a little patience can lead to a lot of infections.

They have managed to infect hundreds of thousands of computers, including more than 14,000 within one unnamed global hotel chain, by waiting for system administrators to log onto infected PCs and then using a Microsoft administration tool to spread their malicious software throughout the network.

The criminals behind the Coreflood Trojan are using the software to steal banking and brokerage account usernames and passwords. They've amassed a 50GB database of this information from the machines they've infected, according to Joe Stewart, director of malware research at security vendor SecureWorks Inc.

"They've been able to spread throughout entire enterprises," he said. "That's something you rarely see these days."

Since Microsoft Corp. shipped its Windows XP Service Pack 2 software with its locked-down security features, hackers have had a hard time finding ways to spread malicious software throughout corporate networks. Widespread worm or virus outbreaks soon dropped off after the software's August 2004 release.

But the Coreflood hackers have been successful, partly because of a Microsoft program called PsExec, which was written to help system administrators run legitimate software on computers across their networks.

For a widespread infection, attackers must first compromise a system on the network by tricking users into downloading their program. Then, when a system administrator logs onto that desktop machine -- to perform routine maintenance, for example -- the malicious software tries to run PsExec and install malware on all other systems on the network.

Often the technique succeeds.

Over the past 16 months, Coreflood's authors have infected more than 378,000 computers. SecureWorks has counted thousands of infections in university networks and has found financial companies, hospitals, law firms and even a U.S. state police agency that have had hundreds of infections. "It's kind of insane how often they are getting on hundreds or thousands of computers at a single company," Stewart said. "They've probably stolen far more accounts than they can use."

The SANS Internet Storm Center reported one of the infections, which affected 600 machines on a 3,000-PC network, on June 25.

Malicious programs have used PsExec for more than five years, said the software's creator, Mark Russinovich, a Microsoft technical fellow. However, this is the first time he had heard of it being used in this fashion. "PsExec doesn't expose anything that a malware author can't code themselves or even accomplish with alternate mechanisms," he said in an e-mail interview. "Once you have credentials that give you local admin rights via remote access, you own that system."

Coreflood, which is also known as the AFcore Trojan, has been around for about six years. It has been used in the past for such things as launching denial-of-service attacks, but not to steal passwords, Stewart said.


Source: ComputerWorld




All news for October 10, 2008:
13:57Parity provides free online identity management
13:56High-tech bank robbers phone it in
13:56Spread security risks with diversity
13:54Corporate data loss not down to hackers
13:53First quantum encrypted network goes live
13:51Apple Posts Security Update 2008-007
13:50NT hacker blames 'segregation'
13:49ASIC counter-spy to be a tough search
13:48Scotland tightens security for mobile health-data
13:47Home Office publishes data-sharing guidance
13:47EDS loses unencrypted armed-forces data
13:45Data-center security tools to not overlook
13:44Microsoft promises huge patch day next week
13:43Firefox add-on blocks 'clickjacking' attacks

All news for October 09, 2008:
13:44Job losses on the way for IT security staff
13:43FSA threatens executives with fines
13:39Anatomy of a SQL Injection Attack
13:37Why Security Pros Hate SharePoint
13:36Remote Workers Care About IT Security -- Really
13:35US gov't report: Data mining is ineffective
13:34Shell warns employees of suspected data loss
13:32'Fast-flux' domains help botnets evade capture
12:46Mozilla locks in Firefox 3.1 feature list
12:45Colorado state Web site dishes out SSNs of CEOs, other top execs
12:43Kernell pleads innocent to Palin hack charge
12:42Symantec to buy e-mail security vendor MessageLabs
12:41Privacy groups praise bill curbing warrantless laptop searches
12:40Tenn. student indicted for hacking Palin's e-mail



All news for October, 2008
All news for 2008 year
All news for 2007 year
All news for 2006 year
All news for 2005 year
All news for 2004 year

DONATION: Keylogger.org is an independent research project supported by a team of enthusiasts. If you find this project useful or would like to help foster its continued development please consider making a donation using PayPal`s online secure payment service.

A PayPal account is not required. All major credit cards are accepted (MasterCard/Eurocard, Visa/Delta/Electron, American Express, Switch/Maestro, Solo). Simply click the button below.

Any amount would be useful and appreciated!

Thanks in advance for your support!

Advertising
Your Ad Here
| home | testing and reviews | testing policy | press_releases | developers |

| articles | contest | chat | forum | sponsorship & services | contacts | links |
Copyright © 2003-2008, Keylogger.Org Team. All Rights Reserved.
Use of any information from this website is permitted only with hypertext link to www.keylogger.org.