Select a story below to read more detail or choose from the following subjects:
Trojan lurks, waiting to steal admin passwords

Directors' Guides to Managing Information Risk now Available

Case of UK hacker to go before Law Lords

Spam experiment overloads inboxes

Lax passwords led to e-mail snooping

Accused spammer must pay MySpace $6 million

Most data breaches caused by outsiders, study finds

The web trade in credit card details

Petrol station customers fall victim to credit card skimming fraud

Customer data needs protection

UK sees sharp rise in phishing attacks

Children and safer net use

Social networking sites - the risks

Spam continues to blight e-mail

US woman charged with stealing business secrets for China

Trojan lurks, waiting to steal admin passwords

Story date:22 Sep 2008
Source:www.infoworld.com
Background
Criminals have managed to infect nearly 400,000 computers, including more than 14,000 within one unnamed global hotel chain, with a password stealing Trojan called Coreflood.
 
Microsoft programme utilised to download malicious software
Coreflood, which is also known as the AFcore Trojan, has been around for about six years but this is the first time it has been used to steal passwords.

The criminals behind it have utilised a Microsoft program called PsExec , which was written to help system administrators run legitimate software on computers across their networks. They trick a user on the network into downloading their program, then when a system administrator logs onto the infected desktop machine -- to perform routine maintenance, for example -- the malicious software runs PsExec and installs malware on all other systems on the network. They can then use the software to steal banking and brokerage account usernames and passwords.

Security vendor SecureWorks says the criminals have amassed a 50GB database of stolen information. "They've been able to spread throughout entire enterprises," said a spokesman. "That's something you rarely see these days."

Infected networks include financial companies, hospitals, law firms, university networks and even a U.S. state police agency.

Just one of the infections, reported by the SANS Internet Storm Center, affected 600 machines on a 3,000 PC network on June 25.