While the use of keyloggers is nothing new to SecurityFocus readers, their use for illegal activity is continuing to rise. The New York Times has an article discussing the growing trend of keyloggers used by criminals to steal banking information from unwary users. As the news coverage of keyloggers becomes more mainstream, the magnitude of the growing problem becomes more apparent. The article reports that Brazilian police recently broke up a fraud ring that stole $4.7 million USD from 200 different accounts using keyloggers. And earlier this month, Russian authorities broke up a similar ring which had stolen over $1.1 million from personal bank accounts in France.
Keyloggers can be surreptitiously installed in a myriad of ways, from spyware drive-by Web downloads, hidden within peer-to-peer applications or downloads, inside Trojan horses and other viruses, files shared through IM, email, and more. Most of the time keyloggers are installed without the user's knowledge, and it is believed that no current anti-virus technology will identify 100% of current keylogger threats.
Posted by: Kelly Martin