Keyloggers are becoming an indispensable tool for online fraudsters, if research from iDefense is any indication. The digital underground is on pace to launch an unprecedented 6,191 keyloggers by year's end -- a 65% spike from the 3,753 released last year.
"Keylogging is a very effective method for hackers," Joe Payne, vice president of iDefense Security Intelligence Services, a division of Mountain View, Calif.-based VeriSign Inc., said in a statement released Tuesday. "Fraudsters can launch hundreds of keylogging attacks around the world in seconds, gathering sensitive data to conduct large-scale monetary transfers for their illegal activities."
Security experts have fingered
In August, for example, Clearwater, Fla.-based Sunbelt Software said keylogging software was being used to collect user IDs, passwords, bank account balances and other personal information as part of a massive identity theft ring it stumbled upon while doing research on an exploit using CoolWebSearch, a program connected to the distribution of spyware and adware. The company contacted the FBI and Secret Service and both launched investigations.
"Once a keylogging program is activated, it provides hackers with personal data such as an address, account numbers, mothers' maiden names or passwords -- any strings of text a person might enter online," iDefense noted in its statement. "Using this information to assume another's identity, hackers run up charges averaging $3,968 per victim, according to a Nationwide Mutual Insurance Co. survey. Sixteen percent of victims were required to pay for at least some of this fraud, and spent an average of 81 hours to resolve their cases, reported the survey."
iDefense said hackers use a variety of techniques to gather and filter logged keystrokes, including the Internet Relay Chat (IRC) system. Some groups create and sell keylogging programs to identity thieves, while others sell the stolen data itself, iDefense added.
"There are so many victims because so few know the risk or the early warning signs; you simply can't stop what you can't see," Payne said. "In addition to basic protections like up-to-date antivirus programs and well-configured firewalls, the best defense for keylogging is to carefully track the organizations and hackers who promulgate these programs."