February 03, 2005More Hijackings Followup
As a followup to a posting a few days ago, it has been suggested that the Bad Stuff installed by visiting the Web site I described is a Trojan horse type of program of the "Banker" family. This Windows malware typically sits in the background and monitors your browser activity. When you visit a variety of financial institution Web sites (the program contains a list of targeted URLs), the background program monitors your keystrokes (sometimes taking screenshots), and thus captures your log in user ID and password.
I think if everyday email users knew how much personal damage a simple click on a link within a spam message could do, they'd stop clicking email links—even from sources they trust. That it took 43 hours for the site's ISP to take down the account is a crime in itself. The site may be down, but the Trojan certainly continues to live in its infected machines, sending its captured treasure to who-knows-where.Posted on February 03, 2005 at 09:00 AM