SpyEye Now Designed to Compromise PCs, Microphones, Webcams, finds Kaspersky

Researchers at Kaspersky Labs the highly-renowned security company have spotted the use of the notorious malicious program SpyEye, tweaked to compromise microphones and webcams on the PCs of users in attacks. The idea behind these compromises, it's realized, is to intercept the users' online operations for harvesting sensitive information like passwords and more that the cyber-criminals can abuse for committing bank fraud as also unauthorized financial transactions.

Essentially, by taking advantage of the plug-in-based structure of the SpyEye's latest variant, the perpetrators crafted one fresh plug-in called flashcamcontrol.dll that added to the malware's basic ability and so compromise peripherals. The flashcamcontol.dll actually manipulates the contaminated computer's Flash Player configurations in order that the chosen Internet sites may control the microphone and web-camera surreptitiously. As per Kaspersky, these Internet sites are hosted in Germany created for online-banking.

The sites whenever visited result in the SpyEye to implant one Flash applet onto HTML code associated with it. Thereafter, the Trojan utilizes the Messaging Protocol in real time for transmitting the intercepted audio and video onto the criminal's botnet server.

Dmitry Tarakanov, security expert at Kaspersky says that the attack may have wider intentions like letting the attacker tap phone-calls through the bank asking for validation of personal PIN (personal identification number) of a victimized user. H-online.com published this on May 23, 2012.

Actually, bank clients talking to telephone operators at banks, without hesitation reveal their sensitive details along with account particulars thinking that necessary for confirming their identity. Such details normally include one's birth-date, mother's name before marriage, Social Security and credit card numbers, together with TPIN (Telephone PIN) utilized for tele-banking transactions.

Explaining further, Tarakanov said that the intruder, through the microphone, could listen followed with phoning up the bank while impersonating the client, as well as use the latter's eavesdropped code to know the latest login and phone particulars so he might get hold over the victimized client's financial account wholly. Securelist.com published this on May 21, 2012.

Similarly, when the cyber-criminals compromise webcams, they get to see the victims' reactions on going through the malware's socially-engineered e-mails, flashed on the banking sites.

Related article: SAP Admits the Charges of Downloading Oracle’s Data

» SPAMfighter News - 6/2/2012