Pop-up program reads keystrokes, steals passwords

Today security researchers have discovered a new malware that affects Internet Explorer. This new malware targets bank customer's information. This program copies keystrokes to steal user's passwords from over 50 target online banking sites.

Security researchers have discovered a malicious program that installs itself through a pop-up ad and can read keystrokes and steal passwords when victims visit any of nearly 50 targeted banking sites.

The targeted sites include major financial institutions such as Citibank, Barclays and Deutsche Bank, researcher Marcus Sachs said Tuesday. "If (the program) recognizes that you are on one of those sites, it does keystroke logging," said Sachs, director of the Internet Storm Center, a site that monitors network threats. Even though all financial sites use encryption built into the browser to protect log-in data, the Trojan horse program can capture the information before it gets encrypted by the browser software. "The browser does not encrypt data between your keyboard and computer. It's encrypting it (when it goes) out onto the Web."

Sachs said the Trojan horse was first discovered on the computer of "an employee at a major dot-com." The victim apparently picked up the program from a malicious pop-up ad that used a flaw in Internet Explorer's helper server to install itself on the user's PC. In this case, because of the computer's security settings, the installation failed. Microsoft said IE users should raise the security settings to high until the company issues a patch.

News source: C|Net News.com

Previous Story
Windows XP Game Advisor
Next Story
Microsoft documents detail SAP buyout plan