August 28, 2012

Researchers spot new keylogger that hides in Windows help file

A new data-stealing trojan has turned up on the systems of one of Radware's customers, according to researchers at the network security firm. Researchers said Tuesday that the malware, dubbed Admin.HLP, is designed to log keystrokes and remotely send passwords, credit card numbers and other private information to an attacker-owned server. The trojan gets its name because it hides from detection inside a Windows help file and then is attached to emails. Once installed on a target's machine, it configures the Windows startup process so the trojan runs each time the computer reboots. It is unclear how widespread the threat is, or which organizations it may be targeting. A request for comment was not immediately returned.

Related Articles
Related Topics

Sign up to our newsletters

More in News

Three LulzSec members plead guilty in London

Ryan Ackroyd, 26; Jake Davis, 20; and Mustafa al-Bassam, 18, who was not named until now because of his age, all admitted their involvement in the hacktivist gang's attack spree.

WordPress tightens security with two-factor authentication

The new feature is immediately available for users and "secret" codes can be accessed via SMS or through the Google Authenticator app.

Microsoft fixes three "critical" flaws with Patch Tuesday release

The biggies are two vulnerabilities in Internet Explorer and a single weakness in Remote Desktop Connection.