
Cyber crooks turn to keyloggers

By Lwavela Jongilanga, Portals journalist
Johannesburg, 21 Nov 2014

Malware and threats have evolved to previously unimagined levels where today's threat authors mean business, whether that is stealing millions of rands' worth of proprietary company data or proving a political point.

So says Lutz Blaeser, MD of Intact Software Distribution, who points out the majority of cases are about exfiltrating valuable data like financial logins and passwords. "In order to steal this type of data, cyber crooks make use of information stealers such as keyloggers."

A keylogger (short for keystroke logger) is software that tracks or logs the keys struck on the user's keyboard, typically in a covert manner so that users don't know their actions are being monitored. This is usually done with malicious intent to collect users' account information, credit card numbers, user names, passwords and other private data.

Blaeser's comments come on the back of rising attacks on organisations, one target being US bank JPMorgan. This data breach was recorded as one of the biggest in history: sensitive data such as the names, addresses, phone numbers and e-mail addresses of the holders of 83 million household and small business accounts was exposed last month.

Blaeser notes that in the banking sector, keyloggers have been specifically adapted.

He explains that notorious banking Trojans, such as Zeus, are able to intercept the keyboard input directly in the attacked program's process, after the keyboard buffer has been read.

"This is known as 'hooking'. Any good anti-virus program should be designed with this in mind, and be able to identify and remove these hooks to prevent attacks of this nature."

He says there are myriad situations in which valuable data can be stolen through keyboard input alone.

"Most online accounts, for example, require a password and user name to access them. In addition, social networks, loyalty programmes, e-mail accounts, online payment sites and gaming sites require the same."
