Article

Hackers installing keyloggers at a record rate

Bill Brenner

Keyloggers are becoming an indispensable tool for online fraudsters, if research from iDefense is any indication. The digital underground is on pace to launch an unprecedented 6,191 keyloggers by year's end -- a 65% spike from the 3,753 released last year.

"Keylogging is a very effective method for hackers," Joe Payne, vice president of iDefense Security Intelligence Services, a division of Mountain View, Calif.-based VeriSign Inc., said in a statement released Tuesday. "Fraudsters can launch hundreds of keylogging attacks around the world in seconds, gathering sensitive data to conduct large-scale monetary transfers for their illegal activities."

Security experts have fingered

    Requires Free Membership to View

keyloggers as one of the more insidious forms of spyware.

In August, for example, Clearwater, Fla.-based Sunbelt Software said keylogging software was being used to collect user IDs, passwords, bank account balances and other personal information as part of a massive identity theft ring it stumbled upon while doing research on an exploit using CoolWebSearch, a program connected to the distribution of spyware and adware. The company contacted the FBI and Secret Service and both launched investigations.

Related content on keyloggers

'Whispering keyboards' making noise again

How to detect and prevent keylogger attacks

"Once a keylogging program is activated, it provides hackers with personal data such as an address, account numbers, mothers' maiden names or passwords -- any strings of text a person might enter online," iDefense noted in its statement. "Using this information to assume another's identity, hackers run up charges averaging $3,968 per victim, according to a Nationwide Mutual Insurance Co. survey. Sixteen percent of victims were required to pay for at least some of this fraud, and spent an average of 81 hours to resolve their cases, reported the survey."

iDefense said hackers use a variety of techniques to gather and filter logged keystrokes, including the Internet Relay Chat (IRC) system. Some groups create and sell keylogging programs to identity thieves, while others sell the stolen data itself, iDefense added.

"There are so many victims because so few know the risk or the early warning signs; you simply can't stop what you can't see," Payne said. "In addition to basic protections like up-to-date antivirus programs and well-configured firewalls, the best defense for keylogging is to carefully track the organizations and hackers who promulgate these programs."


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: