This does not sound good....
Ping.
Yikes!
What’s “Anti-Virus Software?”
Linux. ‘Nuff said.
There is another one also — maybe even worse. The trojan, Kardphisher, renders a popup to the user, saying their software has been activated by another person. It then says that, in order to maintain activation, they must buy it. It asks not only for credit card information, but the PIN and 3-digit security number as well.
The popup says it comes from Microsoft, but it does not. The sender wants your credit card info.
Anyone who uses a credit card on the Internet should know that you should never type your number in sequentially the way it appears on the card.
You should break it up into pieces and use the mouse to relocate the cursor. NEVER THE ARROW KEYS - keyloggers can read arrow key movements, but so far... not mouse movements.
So say, for example, that your credit card number was: 123 456 789;
You should type first 456; then use the mouse to move the cursor in front of it and type 123; then use the mouse one more time and type 789.
This is simplified, but a simple procedure of NEVER typing a number in the order it appears on your credit card will defeat any keyloggers that currently exist.
I have helped a friend install a keylogger once during a messy divorce, and it’s amazing what information you can capture! It also makes it easy to figure out a way to defeat such software.
NEVER TYPE IN YOUR CC NUMBER WITHOUT SCRAMBLING IT AS I DESCRIBED. It’s not a big hassle, and it gives you an added layer of security. Even if someone did sneak a keylogger onto your machine somehow, they would not get a useful CC number if you follow this simple trick.
bump
I love My *ping!* Knoppix Linux!
ping
So, where is the tool to detect and remove this trojan?
I don’t understand: can it decrypt the SSL packets and steal the data, or is it just a key logger enabled once an SSL connection has been established?
If it can decode and read SSL packets, it doesn’t need to even be on your PC, it just needs to sniff packets on the Internet; granted it’s a lot of traffic but look for destination addresses in the header of financial institutions.
When I had a shared cable modem connection, I put a virgin but patched PC right on the network and ran a Sniffer and was amazed at what I could see. Luckily (or unluckily since I can’t set up a Citrix server at home) my DSL stops outside packets at the next hop router.
Will you post a fix announcement to this thread?