Keylogging Trojan Dodges Anti-virus Detection

Posted by: Tweaker
Date added: 00:19, 27th May 2007 GMT
Source: Physorg

A new variant of the Russian Trojan Gozi is circulating on the Web, this time armed with a keylogging function and the ability to scramble itself so that it is difficult for anti-virus software to detect. The new Trojan is believed to have been spreading since April 17 and, like the original, which was discovered earlier in 2007, it steals data from encrypted Secure Sockets Layer streams. The latest variant was uncovered May 7 by Don Jackson, a security researcher at SecureWorks in Atlanta. Jackson also found one data cache from the Gozi variant that contained 2,000 new victims and several thousand bank and credit card account numbers, Social Security numbers and other personal information. SecureWorks researchers suspect that this is not the only server holding stolen Gozi data.

"If you were infected before mid-May, then it will act like a rootkit and hide itself on your PC and will make itself undetectable by most anti-virus software," Jackson said. To remedy this, he suggested that home users reboot their computers in Safe Mode and run an anti-virus scan, assuming their anti-virus vendors have a signature for the Gozi variant. The newest instalment of Gozi has a compression component that it uses to uncompress the blocks of code that it needs to run. When it no longer needs those blocks of code, it recompresses them, making it almost impossible to see everything the variant is doing in memory and that much harder for anti-virus scans to detect.
