F-Secure yesterday posted a blog entry, "Advanced tools to handle stolen information", that reveals how one piece of trojan malware works. The entry describes what kind of information the trojan stores:
"The reporting tool has a very nice UI. As you can see from the screenshot, everything is structured very nicely, you can see generic information about the computer itself such as hardware information (CPU, RAM, Disk, et cetera). You can also see which version of Windows is being used together with the license key. At the bottom of the screen you can see all of the stolen information such as ICQ credentials, usernames and passwords taken from stored e-mail accounts in Outlook and Thunderbird, and also information stored in the password managers of Internet Explorer, Firefox, and Opera."
The blog then concludes with "The guys behind the trojan are from Russia and the tool is available in both English and Russian languages. This clearly indicates that the bad guys are working in a professional manner, creating easy-to-use tools to quickly get to the information instead of having just TXT files with loads and loads of text to filter through."
Read the blog for more information.
Guy
www.authenticationworld.com
guy.huntington@authenticationworld.com
