SpyEye is Back to Steal Your Money




Back in 2010, a very clever and sophisticated botnet called "SpyEye" hit the hacking world. Over the next couple of years, this malware package was responsible for over $100 million stolen from small to mid-sized businesses in the US and abroad.

What is SpyEye?

If it weren't so evil, it would be incredibly genius. Basically, it's a software package that can be modified to do many different (and devious) things. It can be sold, bought, and passed around from hacker to hacker where they can easily modify the source code to do their bidding.

Here are just a few examples of what SpyEye, and the offspring of SpyEye, can do:

  • Form-grabbing -- steals any information you enter into a browser form, such as on banking websites.
  • POP3 Grabbing -- steals your POP3 email credentials to harness your email client for all kinds of nasty business.
  • FTP Grabbing -- steals your FTP login credentials in order to hack into your servers.
  • CC Autofill -- looks like a legitimate credit card form field, but ultimately steals your credit card information.
  • PHP-MYSQL -- hacks into your server database to gather virtually everything your business has in the db (which is almost always everything).
  • Invisibility -- Invisible in processes list, hides itself as a hidden file, invisible in your registry.

SpyEye was the basis for the infamous "Zeus" botnet that stole millions of dollars.

That's just the tip of the iceberg. If stealing your bank information (and money) wasn't enough, there's a new version of SpyEye proving to be even more frightening.

Early detections show that this new version tricks you into installing a small bot that takes control of your webcam and microphone. Why? According to Dancho Danchev of ZDNet, this looks like a testing ground to break into the facial recognition login feature that banks may use in the future.

That's right, this SpyEye version is trying to get ahead of the game by figuring out how to hack facial recognition software when/if it becomes a reality for online banking.

We'll have to wait and see if that comes to fruition, but the point is, hackers are alive and well. They're looking ahead for security breaches, as well as new technologies to exploit.

Well, almost all of them. The good news is, authorities in many countries are taking cybercrime very seriously. Just recently, British police busted a Baltic hacker trio that was actively stealing from UK banking customers. They got away with over £100,000 before they were caught, but this was only three guys.

Earlier this year, Microsoft, led by US Marshals, seized a cache of botnet servers which were utilizing over 800 domains to steal banking info.

The other good news is, antivirus software companies quickly moved to block and protect against future SpyEye and Zeus hacks.

If your antivirus software is up to date, chances are you're probably fine. But don't get too comfortable: being protected by software is just the first step. You need to be a smart user and be wary of clicking on suspicious links -- either online or in your email. SpyEye is sneaky and doesn't always look like malware.

People have been fooled into clicking fake Justin Bieber news, fake Facebook pages, and other dirty tricks. Resist the urge to instantly click on a link. Hover over it. Does it look legitimate? Do you know who sent you the email? If Justin Bieber was really in a car crash, you can easily confirm it with a simple search.

Stop, think, be cautious. That's just as important as having good antivirus software.

