Password-stealing malware on the rise
Posted on 3 Nov 2009 at 11:05
The number of password-stealing programs found on the internet are increasing at an enormous rate, far outstripping the growth of computer viruses. Microsoft reports an 8.3 per cent rise in detected viruses but claims that password stealing and monitoring programs have increased by 450.6 per cent.
In its Microsoft Security Intelligence Report the company compares the number of threats that it has detected in the second half of 2008 with figures from the first half of 2009. Although it found that computer viruses continue to dominate the threat landscape (it records over 68 million viruses in 2009), the growth of password stealers is notable. There were just 1.2 million unique samples found last year, compared to seven million this year. No other threat type in its records comes close to this level of growth.
Other increasing (but lesser) trends were observed in adware, spyware, Trojans and exploits.
Password stealing software is designed to record a victim's passwords and will usually transmit them to a criminal, who will either use or sell these details for financial gain. If the passwords are for web hosting accounts then the criminal can log in, infect the site and thus attack visitors to that site.
Microsoft notes that such malware is usually either packages or downloaded by other threats, such as Trojans. For example, a rogue anti-virus program (e.g. Win32/InternetAntivirus) that infects systems through social engineering techniques may then download further software, including a password stealer. From the report:
"Like most rogue security software, Win32/InternetAntivirus is heavily dependent on social engineering to spread. Misleading victims into paying for worthless software is the usual method by which attackers make money with rogue security software, and InternetAntivirus is no different, displaying warnings about a number of nonexistent threats on the user??s computer and offering to remove them for a price. In addition to typical rogue security software behavior, however, InternetAntivirus also downloads a password stealer, Win32/Chadem, when installed. Chadem monitors network traffic on the affected computer and attempts to steal user names and passwords for File Transfer Protocol (FTP) sites. The attacker uses the captured credentials to compromise servers and use them to host malware. Chadem was found on 27.5 percent of the computers that were infected with InternetAntivirus, more than any other family."
Author: Simon Edwards
Find a review
advertisement
Aeris Muvman
Category: GadgetsRating:
Price: £341
Kingston Ultimate 64GB SDXC
Category: GadgetsRating:
Price: £110
Logitech HD Webcam C270
Category: GadgetsRating:
Price: £16
Symantec Norton Online Backup
Category: SoftwareRating:
Price: £40
Samsung High Speed microSDHC card
Category: GadgetsRating:
Price: £11
- Virgin Media celebrates 5th birthday with speeds soon to double
- Win Kaspersky ONE for Safer Internet Day
- Ofcom tells BT to drop its wholesale prices
- Pirate Bay launches downloadable physical objects
- O2 phone numbers unwittingly shared with websites
- Microsoft Points to be discontinued?
- Win Tekken: Blood Vengeance on DVD
- OnLive Desktop brings Windows 7 to the iPad
- Nokia chief Elop denies Microsoft buy-out plans
- Fujitsu launches Arrows Tab Wi-Fi waterproof tablet
Software Store
advertisement

