Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Malicious Keyloggers Run Rampant on Net

    By
    Paul F. Roberts
    -
    November 28, 2005
    Share
    Facebook
    Twitter
    Linkedin

      Keylogging programs are the epitome of online stealth, and theyre also a mushrooming problem on the Internet, where identity and intellectual property thefts are fueling an explosion of key-capture tools.

      Reports of new keylogging programs soared higher this year, as part of a wave of multifunction malware with integrated keylogging features, according to VeriSign Inc.s security information company iDefense Inc. The programs often evade detection by anti-virus tools and can be difficult to detect once installed, experts warn. However, at least one anti-spyware company believes that reports about the danger posed by keyloggers are overstated.

      More than 6,000 keylogging programs will be released by the end of this year, according to projections by iDefense. Thats an increase of 2,000 percent over the last five years, company officials said.

      Keyloggers have been around for years and are also sold as legitimate applications—often as monitoring tools for concerned parents or suspicious spouses—according to Ken Dunham, director of malicious code at iDefense, in Reston, Va.

      /zimages/5/28571.gifEarlier this year, police foiled a $420 million keylogger scam. Click here to read more.

      Security companies occasionally lock horns with makers of commercial keyloggers. For example, earlier this month, anti-spyware software maker Sunbelt Software Inc. was threatened with a lawsuit by RetroCoder Ltd., a U.K. company that was angry about Sunbelt listing RetroCoders SpyMon keylogger in its threat database, according to a blog entry by Sunbelt President Alex Eckelberry in Clearwater, Fla.

      SpyMons EULA (end-user license agreement) forbids anti-spyware and anti-virus companies from using or analyzing the program, and RetroCoder threatened to enforce that provision in European Union court unless the program was removed from the threat database, according to Sunbelt officials.

      Malicious keyloggers are increasingly part of modular programs that contain Trojan horse, spamming and remote control features, as well, Dunham said.

      Anti-virus companies have developed signatures that will stop many of those programs before they can be installed, but new programs with unique signatures are readily available from malicious code download sites. In some cases, the programs source code can be purchased so buyers can create their own keylogger variants, Dunham said.

      Keyloggers are particularly common in countries where online banking fraud is a problem, such as Brazil, said Joe Stewart, a senior security researcher at Lurhq Corp., in Chicago. The keyloggers are coupled with Trojan programs, such as the Banker and PWSteal families, and are programmed to spring to life when victims type the URL of a specific bank or banks into their Web browser or when they launch a Web page with a specific name, Stewart said.

      /zimages/5/28571.gifOrganized gangs are taking over crime on the Web. Click here to read about some of the major players, how they work and how big a threat they really are.

      Keyloggers are also pouring out of countries in Eastern Europe that are less discriminating about what kind of log-in information they capture. China is a major source of Trojan and keylogger programs, such as Myfip, that are customized to steal intellectual property, such as Microsoft Corp. Word or CAD/CAM files, rather than personal or financial information, he said.

      Still, some take issue with the dire warnings about keylogging programs.

      Eckelberry used his blog to question iDefenses statistics on keylogging programs. He wrote that his companys researchers have identified only “a couple dozen” new keylogging programs since August, affecting only about 8,000 people.

      /zimages/5/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.

      Paul F. Roberts
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×