Keyloggers used to harvest banking credentials

A team of researchers has published a case study that focuses on keyloggers and their use to harvest banking-related user names and passwords. The team observed over 70 different pieces of data-stealing malware and found over 33 GB of log files in “dropzones.”

The log files contained personal information on more than 170,000 victims, including passwords, PINs, user names, and so on. They also contained information, including PINs, on over 10,000 bank accounts, over 140,000 email passwords and the access details of nearly 80,000 members of social networking sites such as Facebook and Hi5.

The team singled out the Limbo keylogger for detailed analysis. They observed a total of 164,000 infections with this malware. The keylogger stored most of the data it collected in two Chinese dropzones. Geographically, the infections broke down as follows: 16 per cent were traced to Russia, 14 per cent to the USA, 13 per cent to Spain, 12 per cent to the UK, and, surprisingly, 7 per cent to Germany.

At the conclusion of the study, the team handed over its data to the Australian CERT (AusCERT), which has a system for passing information on to banks and other institutions, which can then inform the victims and take steps to remedy the situation.


This entry was posted on Sunday, December 28th, 2008 and is filed under Keyloggers.
