Trojan lurks, waiting to steal admin passwords
Story date: 22 Sep 2008
Source: www.infoworld.com
Background
Criminals have managed to infect nearly 400,000 computers, including more than 14,000 within one unnamed global hotel chain, with a password-stealing Trojan called Coreflood.
Microsoft programme utilised to download malicious software
Coreflood, which is also known as the AFcore Trojan, has been around for about six years but this is the first time it has been used to steal passwords.
The criminals behind it have utilised a Microsoft program called PsExec, which was written to help system administrators run legitimate software on computers across their networks. They trick a user on the network into downloading their program, then when a system administrator logs onto the infected desktop machine -- to perform routine maintenance, for example -- the malicious software runs PsExec and installs malware on all other systems on the network. They can then use the software to steal banking and brokerage account usernames and passwords.
Security vendor SecureWorks says the criminals have amassed a 50GB database of stolen information. "They've been able to spread throughout entire enterprises," said a spokesman. "That's something you rarely see these days."
Infected networks include financial companies, hospitals, law firms, university networks and even a U.S. state police agency. Just one of the infections, reported by the SANS Internet Storm Center, affected 600 machines on a 3,000 PC network on June 25.