SpyEye and its Powerful Capabilities
Security researcher Rossano Ferraris at Computer Associates together with his group of other researchers has elaborately studied the notorious Trojan SpyEye and arrived at the conclusion that the malicious program is intelligently coded to indeed do something more than just stealing credentials. Infosecurity-magazine.com published this in news on August 9, 2011.
Reportedly, when Ferraris and his group were conducting the study, they discovered one concealed malevolent Internet site which facilitated them in acquiring admission into a central server of SpyEye that contained plentiful sensitive data.
At this juncture, according to Ferraris, it needs no mention that the particular site was secured with a password so that anybody, anywhere could not access it, save solely those crooks on the Net who had accumulated the stolen data in a cache. He adds that the central server depicts one flexible interface for checking into any concealed repository that consists of the stolen data.
The researcher points out that the link for the credential stealer can be clearly seen, with the miscreant providing exact and elaborate filters for concentrating on specific preferences like "with CVV only."
Eventually owing to SpyEye's severe maliciousness, the security researcher advises end-users for putting in place best security practices such as routinely making security software package up to date; routinely making operating system and other software, including patches up to date; and never loading unnecessary software alternatively add-ons that prompt for just any installation, meaning that only things that are beneficial for them should be maintained while others cancelled or eliminated. Community.ca.com published this in news during the 1st-week of August 2011.
In the meantime, Ferraris reports that at this moment security blogs and security communities all over the globe are widely using SpyEye. The tool, in its present version, contains extremely powerful capabilities, especially created for grabbing sensitive information when Microsoft's Windows operators carry out online financial transactions.
Moreover, anyone can buy the tool from cyber-crime forums or the underground economy. SpyEye, which is crafted for beating security safeguards Internet banks put in place, cripples such systems thus rendering them worthless for the financial institutions, says Ferraris in addition.
Related article: SAP Admits the Charges of Downloading Oracle’s Data
» SPAMfighter News - 17-08-2011