New IE spy progie exploits DCOM

Thanks Big Booger

A group of Japanese security enthusiasts has developed a little tool called IEen which exposes traffic between an IE user and any server hes contacting, including logins and passwords over HTTPS

To use the tool its necessary to log in as a current user on a Win-NT or 2K system. Of course if someone can log into your account they already have a great deal of your life in their hands and this is only going to give them a little bit more.

Whats interesting here is the ability to capture packets between the client and server by exploiting DCOM (Distributed Component Object Model), a Microsoft program interface allowing the mediation and exchange of program and data objects over a network

News source: The Reg (US)

View: The Full Story

Report a problem with article
Previous Story

IntelliMouse Recall

Next Story

New UK Online tab for messenger

-1 Comments - Add comment