The keylogger from hell

Ok, we have the latest on this identity theft ring.  And it’s pretty interesting.

Remember that all we found was the cache of data from the thieves — we didn’t have the actual keylogger that was responsible for it. We had a keylogger we had found that was similar and provided us some clues, but not this specific one that was reporting all this data back.

So we had to find the keylogger.  That entailed trying to actually get a hold of a machine.

Last night, we finally got an infected machine and were able to figure out what’s going on.

Go over to Sunbelt's Blog and see the list of attributes for this keylogger.  It's pretty nasty.

Author: Xavier Ashe

Entrepreneur, Infosec Executive, CISSP, CISM, Ironman triathlete, traveler, UU, paleo, father of 8, goyishe, gamer, & geek. http://linkedin.com/in/xavierashe
