The Continual Advancement of the Keylogger
A keylogger is a program that runs in your computer’s background. It records all your keystrokes without you knowing it's there. Once your keystrokes are logged, they are saved and hidden away for the attacker to retrieve later - whenever it's convenient for the attacker to do so!
The attacker will then review your information very carefully in the hopes of finding passwords to important and valuable sites - perhaps your payment processor or online bank! A criminal using a keylogger can also quite easily obtain confidential emails and then reveal them to others - any interested outside party who is willing to pay for this particular information.
Keyloggers can be either software-based or hardware-based. Software-based keyloggers are easy to distribute, and they can quickly infect user computers before some systems are able to stop them. I don't really have to tell you that avoiding these nuisance keylogger infections is part of the reason why you should never, NEVER run your system without anti-virus and anti-malware software.
While software-based keyloggers move quickly and are often hidden in other downloads, they are still more easily detectable than the other type of keylogger. Hardware-based keyloggers are quite a bit more complex and harder to detect than software-based keyloggers.
For all you know, your keyboard could have a keylogger chip attached, with everything you type being recorded into flash memory sitting inside your keyboard. Keyloggers have become one of the most powerful applications used for gathering information today. In our high-tech world, where encrypted traffic is becoming more and more common, keyloggers of both types are in wide and regular circulation.
As keyloggers become more advanced, it becomes harder to catch them. Detecting ever-changing and ever-improving keylogging methods becomes more difficult all the time. Keyloggers can violate a computer user’s privacy for months - even years, believe it or not - without being noticed in the least! During that time frame, a keylogger can collect all kinds of information about the user it is monitoring. The potential for a keylogger to obtain not only passwords and login names - but credit card numbers, too - is very high.
Also open to advanced and efficient keyloggers are:
* bank account details
* personal contacts
* business contacts
* an outline of interests (saved from 'Profile' forms)
* web browsing habits
and much, much more.
This collected data can be used to literally steal a user’s personal documents, money, or even their identity. A keylogger might be as simple as an .exe and a .dll placed on a computer and activated at boot-up via an entry in the registry.
More sophisticated keyloggers, such as the Perfect Keylogger or ProBot Activity Monitor, have developed a full line of nasty abilities, including:
* Undetectable in the process list and invisible in operation
* A kernel keylogger driver that captures keystrokes even when the user is logged off
* A remote deployment wizard
* The ability to create text snapshots of active applications
* The ability to capture HTTP POST data (including log-ins/passwords)
* The ability to timestamp and record workstation usage
* HTML and text log file export
* Automatic e-mail log file delivery
Not all keyloggers are used for illegal purposes. A variety of other uses have surfaced for the keylogger programs that are around.
Here are some positive uses for Keyloggers:
* They have been used to monitor web sites visited as a means of parental control over children.
* They have been actively used to prevent child pornography and avoid children coming in contact with dangerous elements on the web.
* In December 2001, a federal court ruled that the FBI did not need a special wiretap order to place a keystroke logging device on a suspect’s computer. The judge allowed the FBI to keep details of its key logging device secret (citing national security concerns). The defendant in the case, Nicodemo Scarfo Jr., indicted for gambling and loan-sharking, used encryption to protect a file on his computer. The FBI used the keystroke logging device to capture Scarfo’s password and gain access to the needed file.
Thus, now you've gained some details on keyloggers. The only way to keep safe from both types of keyloggers is to USE GOOD ANTI-VIRUS and ANTI-MALWARE programs and practice other obvious good internet navigation habits. Don't let your guard down for a minute. Even if you have great security-ware, you can still get a keylogger if you're careless.
Scan your computer often with the best antivirus and anti-malware products you can get. Update your software, and check your security software homepages often for virus alerts and other things that you might not have received a notification about.
Thursday, July 19, 2007
Saturday, April 21, 2007
Common Viruses To Watch For
Here are some common viruses that are quite constantly circulating on the internet.
Virus: Trojan.Lodear A Trojan horse that attempts to download remote files. It will inject a .dll file into the EXPLORER.EXE process causing system instability.
Virus: W32(dot)Beagle(dot)CO(at)mm (blogger software kept making a link of the virus name because of the '@' symbol)
A mass-mailing worm that lowers security settings. It can delete security-related registry sub keys and may block access to security-related websites.
Virus: Backdoor.Zagaban
A Trojan horse that allows the compromised computer to be used as a covert proxy and which may degrade network performance.
Virus: W32/Netsky-P A mass-mailing worm which spreads by emailing itself to addresses produced from files on the local drives.
Virus: W32/Mytob-GH A mass-mailing worm and IRC backdoor Trojan for the Windows platform.
Messages sent by this worm will have the subject chosen randomly from a list including titles such as: Notice of account limitation, Email Account Suspension, Security measures, Members Support, Important Notification.
Virus: W32/Mytob-EX
A mass-mailing worm and IRC backdoor Trojan similar in nature to W32/Mytob-GH. W32/Mytob-EX runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels. This virus spreads by sending itself as an email attachment to harvested email addresses.
Virus: W32/Mytob-AS, Mytob-BE, Mytob-C, and Mytob-ER This family of worm variations possesses similar characteristics in terms of what they can do. They are mass-mailing worms with backdoor functionality that can be controlled through the Internet Relay Chat (IRC) network. Additionally, they can spread through email and through various operating system vulnerabilities such as the LSASS vulnerability (MS04-011).
Virus: Zafi-D A mass mailing worm and a peer-to-peer worm which copies itself to the Windows system folder with the filename Norton Update.exe. It can then create a number of files in the Windows system folder with filenames consisting of 8 random characters and a DLL extension. W32/Zafi-D copies itself to folders with names containing share, upload, or music as ICQ 2005a new!.exe or winamp 5.7 new!.exe. W32/Zafi-D will also display a fake error message box with the caption "CRC: 04F6Bh" and the text "Error in packed file!".
Virus: W32/Netsky-DA mass-mailing worm with IRC backdoor functionality which can also infect computers vulnerable to the LSASS (MS04-011) exploit.
Virus: W32/Zafi-B A peer-to-peer (P2P) and email worm that will copy itself to the Windows system folder as a randomly named EXE file. This worm will test for the presence of an internet connection by attempting to connect to www.google.com or www.microsoft.com. A bilingual worm with an attached Hungarian political text message box which translates to "We demand that the government accommodates the homeless, tightens up the penal code and VOTES FOR THE DEATH PENALTY to cut down the increasing crime. Jun. 2004, Pécs (SNAF Team)"
This is a very small, incomplete list. If you have been having some problems with your computer but haven't yet checked out why it is running slow, showing error messages, or displaying other virus-related problems, please - run an anti-virus scan just to make sure you haven't picked up a virus, worm, or other malware!
Also - update your software often! Many anti-virus programs can help you detect and clean your computer - but no program will help you if you're not doing regular scans and updates.
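The Zafi-D entry above lists concrete file names and locations, which is enough to check a saved file listing by hand or with a short script. The following is an added example, not part of the original post: the function name, the sample listing and the C:\Windows\System32 location are assumptions made for illustration.

```python
from pathlib import PureWindowsPath

# File-name indicators taken from the Zafi-D entry above.
SYSTEM_DROP_NAME = "norton update.exe"
SHARE_DROP_NAMES = {"icq 2005a new!.exe", "winamp 5.7 new!.exe"}
SHARE_FOLDER_HINTS = ("share", "upload", "music")


def zafi_d_findings(paths, system_dir, baseline_dlls=frozenset()):
    """Return (reason, path) pairs for paths matching the Zafi-D indicators.

    paths         -- Windows path strings, e.g. from a saved file listing
    system_dir    -- Windows system folder of the host being checked
    baseline_dlls -- lower-cased DLL names known to be legitimate there
    """
    sysdir = PureWindowsPath(system_dir)
    findings = []
    for raw in paths:
        p = PureWindowsPath(raw)
        name = p.name.lower()
        in_system = p.parent == sysdir  # Windows paths compare case-insensitively
        if in_system and name == SYSTEM_DROP_NAME:
            findings.append(("system-folder copy", raw))
        elif (in_system and p.suffix.lower() == ".dll"
              and len(p.stem) == 8 and name not in baseline_dlls):
            # Plenty of legitimate DLLs also have 8-character names,
            # so this rule is only usable against a known-good baseline.
            findings.append(("8-character DLL not in baseline", raw))
        elif name in SHARE_DROP_NAMES and any(
                hint in p.parent.name.lower() for hint in SHARE_FOLDER_HINTS):
            findings.append(("share-folder copy", raw))
    return findings


# Constructed sample listing (not from a real host).
SAMPLE_LISTING = [
    r"C:\Windows\System32\kernel32.dll",
    r"C:\Windows\System32\Norton Update.exe",
    r"C:\Windows\System32\qkzpvrmx.dll",
    r"C:\Users\kid\My Shared Folder\winamp 5.7 new!.exe",
    r"C:\Users\kid\Downloads\winamp 5.7 new!.exe",
    r"D:\Music\ICQ 2005a new!.exe",
]
SYSTEM_DIR = r"C:\Windows\System32"  # assumed location of the system folder

if __name__ == "__main__":
    for reason, path in zafi_d_findings(SAMPLE_LISTING, SYSTEM_DIR, {"kernel32.dll"}):
        print(f"{reason}: {path}")
```

Without a baseline, the 8-character DLL rule also flags kernel32.dll, which is why a list of known-good names is passed in.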