Keylogging Internet worm on the loose

Anti-virus firm F-Secure is warning of the spread of a keylogging Internet worm designed to steal online passwords and credit card numbers from infected computers.

Be the first to comment

Keylogging Internet worm on the loose

Editorial

This content has been selected, created and edited by the Finextra editorial team based upon its relevance and interest to our community.

The worm, known as Korgo, exploits the LSASS vulnerability to auto-infect Windows systems that haven't applied the MS04-11 patch issued by Microsoft in April.

F-Secure's Mikko Hypponen says the worm is spreading actively and is aggressively stealing user information from infected machines.

"It does this via a keylogger which specifically collects user logins for online banks (the ones which do not use one-time passwords)," he says. "It also logs everything the user types to any Web form - this will collect lots of credit card numbers, passwords etc."

Information culled from machines is sent to one of 11 geographically distributed Internet Relay Chat (IRC) servers.

Hypponen advises anyone infected by Korgo to change their passwords and cancel their credit cards. "Especially the ones you've used during last week. This is not a joke."

Sponsored [On-Demand Webinar] Banks and Credit Unions: How to Establish the Core Banking Blueprint

Related Company

Comments: (0)

[New Whitepaper] Beyond Tomorrow In The Capital MarketsFinextra Promoted[New Whitepaper] Beyond Tomorrow In The Capital Markets