The Hacker News - Cybersecurity News and Analysis: keylogger

KeySweeper — Arduino-based Keylogger for Wireless Keyboards

January 13, 2015 | Swati Khandelwal
A security researcher has developed a cheap USB wall charger that is capable of eavesdropping on almost any Microsoft wireless keyboard. MySpace mischief-maker Samy Kamkar has released a super-creepy keystroke logger for Microsoft wireless keyboards cunningly hidden in what appears to be a rather cheap, but functioning USB wall charger. The stealthy Arduino-based device, dubbed "KeySweeper", looks and functions just like a generic USB mobile charger, but actually sniffs, decrypts, logs, and reports back all keystrokes from a Microsoft wireless keyboard. "KeySweeper is a stealthy Arduino-based device camouflaged as a wall charger that wirelessly sniffs, decrypts, logs and reports-back all keystrokes from any Microsoft wireless keyboard in the vicinity," Kamkar said. The security researcher has also released instructions online on how to build the USB wall charger, and surprisingly it is cheap to build and quite capable. KeySweeper includes a web
BadUSB Malware Code Released — Turn USB Drives Into Undetectable CyberWeapons

October 04, 2014 | Swati Khandelwal
Once again USB has come up as a major threat to a vast number of users who use USB drives – including USB sticks and keyboards. Security researchers have released a bunch of hacking tools that can be used to convert a USB drive into a silent malware installer. This vulnerability has come to be known as "BadUSB", whose source code has been published by the researchers on the open source code hosting website GitHub, demanding that manufacturers either beef up protections for USB flash drive firmware and fix the problem or leave hundreds of millions of users vulnerable to the attack. The code released by researchers Adam Caudill and Brandon Wilson has the capability to spread itself by hiding in the firmware meant to control the ways in which USB devices connect to computers. The hack utilizes the security flaw in USB that allows an attacker to insert malicious code into their firmware. But wait! What this means is that this critical vulnerability is now ava
Windows 10 Preview Has A Keylogger to Watch Your Every Move

October 04, 2014 | Wang Wei
This week Microsoft announced the next version of its operating system, dubbed Windows 10, providing the Windows 10 Technical Preview release under its "Insider Program" in order to collect feedback from users and help shape the final version of the operating system, but something really went WRONG! "Inside Microsoft's Insider Program you'll get all the latest Windows preview builds as soon as they're available. In return, we want to know what you think. You'll get an easy-to-use app to give us your feedback, which will help guide us along the way." the Microsoft website reads. Well, how many of you actually read the "Terms of Service" and "Privacy Policy" documents before downloading the Preview release of Windows 10? I guess none of you, because most computer users have a habit of ignoring those lengthy paragraphs and simply clicking "I Agree" and then "next", which is not at all a good practice.
Limitless Keylogger Optimized with AutoIT Infected thousands of Computers

September 23, 2014 | Wang Wei
A new surge of malware has been discovered which goes on to infect hundreds of thousands of computers worldwide and allegedly steals users' social and banking site credentials. A few days back, a list of 5 million combinations of Gmail addresses and passwords was leaked online. The search engine giant Google said that the Gmail credentials didn't come from security breaches of its system; rather, the credentials had been stolen by phishing campaigns and unauthorized access to user accounts. Just now, we have come across another similar incident where cyber criminals are using malware which has already compromised thousands of Windows users worldwide in an effort to steal their social media, online and banking account credentials. A Greek security researcher recently discovered a malware sample via a spam campaign (caught in a corporate honeypot), rapidly targeting a large number of computer users. He investigated and posted a detailed technical analysis of
Beware Of Fake 'HeartBleed Bug Remover Tool', Hijacks System with Malware

May 28, 2014 | Wang Wei
I assume that you all must have read my last article on OpenSSL Heartbleed, a critical bug in OpenSSL's implementation of the TLS/DTLS heartbeat extension that allows attackers to read portions of the affected server's memory, potentially revealing users' data that the server did not intend to reveal. The Heartbleed vulnerability made headlines around the world, and my last article explains everything about probably the biggest Internet vulnerability in recent history, but some readers are still not aware of its nature; otherwise they would not have fallen victim to the spam campaigns. Spammers are very smart at gaining from every opportunity they get, so this time they are taking advantage of the infamous Heartbleed bug to frighten users into installing Anti-Heartbleed software onto their systems, which is obviously malware. The researchers at Symantec have unearthed a spam campaign targeting people by sending spam emails that warn them their
ZeuS Botnet Updating Infected Systems with Rootkit-Equipped Trojan

April 21, 2014 | Wang Wei
ZeuS, or Zbot, is one of the oldest families of financial malware. It is a Trojan horse capable of carrying out various malicious and criminal tasks and is often used to steal banking information. It is distributed to a wide audience, primarily through infected web pages, spam campaigns and drive-by downloads. Earlier this month, Comodo AV labs identified a dangerous variant of the ZeuS banking Trojan which is signed by a stolen digital certificate belonging to a Microsoft developer to avoid detection by web browsers and anti-virus systems. FREE! FREE! ZeuS BRINGS ROOTKIT UPDATE: Recently, the security researcher Kan Chen at Fortinet found that the P2P Zeus botnet is updating its bots/infected systems with an updated version that has the capability to drop a rootkit into infected systems and hide the trojan to prevent the removal of malicious files and registry entries. The new variant also double-checks for the earlier installed version (0x38) of the ZeuS trojan on the infecte
Android Malware 'Dendroid' targeting Indian Users

March 27, 2014 | Swati Khandelwal
Devices are becoming smarter, and therefore the chances to abuse them have increased. As Android's share of the global smartphone market has reached 87%, Android is by far the primary target of mobile malware developers. The number of malware variants has increased rapidly, and today 99 out of 100 mobile viruses target Android devices. Most of the sophisticated malware has the capability to steal keylogs, send text messages to premium numbers, and steal personal data without requesting permission from the device user, and can also modify SMS and MMS messages and contacts. Mobile malware can modify or steal the content stored on your device's SD card, and some advanced botnet malware can even give complete remote control of your device to an attacker. DENDROID: Beginning this month, we warned our readers about one such sophisticated Android malware toolkit discovered by the Symantec researchers, dubbed 'Dendroid', which runs on HTTP prot
Pony Botnet steals $220,000 from multiple Digital Wallets

February 25, 2014 | Swati Khandelwal
Are you a digital currency holder? PONY is after you. A group of cyber criminals has used hundreds of thousands of infected computers of digital currency holders to filch approximately $220,000 worth of Bitcoins and other virtual currencies. The researchers at the security firm Trustwave have uncovered the Bitcoin heist, which was accomplished by computers infected with a new class of malware dubbed 'Pony', a very powerful type of spying keylogger malware with very dangerous features that was last found two months ago. Pony, for those who have not yet heard about it, is a bot controller much like any other, with the capability to capture all kinds of confidential information and access passwords. It contains a control panel, user management, logging features, a database to manage all the data and, of course, the statistics. It can see the passwords and login credentials of infected users when they access applications and
Tor-enabled Point-of-Sale malware 'ChewBacca' stole Credit Card data from 11 Countries

January 31, 2014 | Swati Khandelwal
The massive data breaches at U.S. retailers Target and Neiman Marcus, in which the financial credentials of more than 110 million and 1.1 million customers were compromised respectively, show that the Point of Sale (POS) system has become a new target for cyber criminals. Although the BlackPOS Point of Sale malware has emerged as the major cause of these data breaches, malware writers are upgrading and developing more Trojans to target POS systems. In December, the security researchers at anti-virus firm Kaspersky Lab discovered a Tor-based banking trojan, dubbed "ChewBacca", that was initially categorized as a financial trojan, but recently security researchers at RSA have uncovered that 'ChewBacca' is also capable of stealing credit card details from point of sale systems. 'ChewBacca', a relatively new and private Trojan used in 11 countries as POS malware, is behind the electronic theft. ChewBacca communicat
24-year-old Russian Hacker and Developer of SpyEye Banking Trojan pleads guilty

January 29, 2014 | Swati Khandelwal
A Russian man pleaded guilty to conspiracy charges in a federal court in Atlanta on Tuesday for developing and distributing the malicious banking malware 'SpyEye', which has infected more than 1.4 million computers worldwide since 2009. Aleksandr Andreevich Panin, a 24-year-old programmer also known as Gribodemon and Harderman, was the main author of 'SpyEye', a sophisticated malware designed to steal people's identities and financial information, including online banking credentials, credit card information, user names, passwords and PINs from their bank accounts without their knowledge. SpyEye secretly infects the victim's computer and gives remote control to the cybercriminals, who remotely access the infected computer through command and control servers and steal victims' personal and financial information without authorization through a variety of techniques, including web injects, keystroke loggers, and credit card grabbers. Between 2009 and
Two Million stolen Facebook, Twitter login credentials found on 'Pony Botnet' Server

December 04, 2013 | Wang Wei
Security researchers at Trustwave's SpiderLabs found a Netherlands-based Pony Botnet controller server with almost two million usernames and passwords, stolen by cybercriminals from users of Facebook, Twitter, Google, Yahoo and other websites. In a blog post, the researchers mentioned that after the Pony version 1.9 source code was made public, they found a way to get into the botnet's admin area, from where they collected the stolen database and statistics. The Pony control panel, written in Russian, indicated Facebook was the worst impacted, and credentials for two Russian social media sites, vk.com and odnoklassniki.ru, were also included in the database. It is not clear at this time how exactly the login credentials were originally obtained, but one possibility is that they were captured using some keyloggers or similar malware. Statistics of stolen login credentials: 1,580,000 website login credentials stolen (including 318,121 Facebook login credentia
Malware that transfers stolen data using Inaudible Audio signals

December 03, 2013 | Mohit Kumar
If you think that a computer which is not connected to a network, doesn't have any USB sticks attached to it and doesn't accept any kind of electronic connection requests is reasonably safe against hackers and all malware, then you are wrong. Here is a shocking update: some German scientists have developed a proof-of-concept malware prototype that could allow a hacker to infect your computers and other digital devices just using inaudible audio signals. The ability to bridge an air gap could be a potent infection vector. Just imagine a cyber attack using high-frequency sound waves to infect machines, where stolen data can also be transferred back to the attacker without a network connection. Sounds very terrifying? When, a few weeks ago, security researcher Dragos Ruiu claimed that malware dubbed badBIOS allowed infected machines to communicate using sound waves alone, meaning that the devices are physically disconnected from any networks, including the inter
Hardware Keylogger used by Card skimmers to steal Credit Cards at Nordstrom Store

October 13, 2013 | Wang Wei
Three men allegedly installed credit card skimming keyloggers into cash registers in a Nordstrom department store in Florida. The keyloggers were connected via a keyboard cord between the keyboard and the computer to intercept the information transmitted between the two devices. Furthermore, the gang used connectors designed to resemble common PS2 cables. Krebs has indicated on his blog that such keyloggers can be easily obtained online for only about $40. Placing such devices would have allowed the criminals access to data for anyone applying for a Nordstrom credit card, plus any numbers typed in via the keyboard. In order to collect the captured data, the criminals have to return after a few days to collect the keylogger from the store. But at this time it is unknown if the men ever returned to the store in order to retrieve the keyloggers, and Nordstrom is unaware of any arrests being made. An alert circulated by the police department in Avent
FBI seized Citadel banking Trojan servers

June 06, 2013 | Mohit Kumar
Microsoft and the FBI have taken down a botnet that controlled millions of infected PCs and was responsible for massive bank fraud. Botnets are networks of computers infected with viruses that let them be controlled by hackers. The outfit runs the Citadel botnets and is believed to have stolen more than $500 million from bank accounts over the past 18 months. Citadel is one of the biggest botnets in operation today. Citadel is a banking Trojan that has been in existence since 2011. As with most banking Trojans, Citadel is a full crimeware kit, providing the attackers with payload builders, a command and control (C&C) server infrastructure, and configuration scripts to target various banks. Citadel infected as many as 5 million PCs around the world, including here in Australia, and according to Microsoft was used to steal from dozens of financial institutions, including American Express, Bank of America, Citigroup, Credit Suisse, eBay's PayPal, HSBC, JPM