Cyber Security Institute

§ Current Worries

Top 3 Worries

  • Regulations
  • Old Firewall Configurations
  • Security Awareness

§ Listening

For the best information

  • The underground
  • Audible
  • Executive Excellence
  • Music (to keep me sane)

§ Watching

For early warnings

  • 150 Security Websites
  • AP Newsfeeds
  • Vendors

Tuesday, November 15, 2005

Keyloggers Jump 65% As Info Theft Goes Mainstream

The number of keyloggers unleashed by hackers exploded this year, soaring by 65 percent in 2005 as e-criminals rush to steal identities and information, a security intelligence firm said Tuesday.  “The overall number of keyloggers has just skyrocketed this year,” said Ken Dunham, senior engineer with Reston, Va.-based VeriSign iDefense.  Keyloggers are small programs, silently installed by the attacker, typically after an earlier attack that compromised the computer through a vulnerability in the operating system or Internet browser, that record all or selected keystrokes, then sends that data to the hacker.

Hackers are on a pace to deploy a record-setting 6,191 different keyloggers in 2005, a 65 percent boost from the 3,753 keyloggers released in 2004, said iDefense.

A keylogger-based theft of 220 million pounds ($382 million) from the London offices of the Japanese bank Sumitomo Mitsui was foiled in March, while in August, researchers at Sunbelt Software stumbled on an offshore server jammed with information—including usernames, passwords, telephone numbers, credit card and bank account numbers—stolen with a keylogger.

“Everybody knows about viruses and worms, but the threat of the unknown is the greatest threat we face,” said Dunham.

Posted on 11/15