August 8, 2010

Characteristics of Data-Stealing Malware

Characteristics of data-stealing malware

Does not leave traces of the event

  • The malware is typically stored in a cache which is routinely flushed

  • The malware may be installed via a drive-by-download process

  • The website hosting the malware as well as the malware is generally temporary or rogue

Frequently changes and extends its functions

  • It is difficult for antivirus software to detect final payload attributes due to the combinations of malware components

  • The malware uses multiple file encryption levels

Thwarts Intrusion Detection Systems (IDS) after successful installation

  • There are no perceivable network anomalies

  • The malware hides in web traffic

  • The malware is stealthier in terms of traffic and resource use

Thwarts disk encryption

  • Data is stolen during decryption and display

  • The malware can record keystrokes, passwords, and screenshots

Thwarts Data Loss Prevention (DLP)

  • Leakage protection hinges on metadata tagging, and not everything is tagged

  • Miscreants can use encryption to port data

Examples of data-stealing malware

  • Bancos, an info stealer that waits for the user to access banking websites then spoofs pages of the bank website to steal sensitive information

  • Gator, spyware that covertly monitors web-surfing habits, uploads data to a server for analysis then serves targeted pop-up ads

  • LegMir, spyware that steals personal information such as account names and passwords related to online games

  • Qhost, a Trojan that modifies the Hosts file to point to a different DNS server when banking sites are accessed then opens a spoofed login page to steal login credentials for those financial institutions

About the Author

Tomboy

Author & Editor
