Sunbelt Software researchers say they have uncovered what appears to be a massive online identity theft ring, which is under investigation by the FBI.
Earlier in the week, one of the company’s researchers came across a server containing log files that turned out to be information coming from a keystroke logger, said Phil Owens, product manager at Sunbelt Software, a Tampa Bay, Fla.-based supplier of anti-spyware and other security tools.
The keylogger files contain user names, passwords, bank information, and chat sessions. The information is in different languages and appears to be coming from all over the world, Owens said.
“We were tracing through some IP addresses and came across this location. It’s on the web … it’s being used by the application as a public place to put its files,” he said.
The FBI is investigating the case, Owens said.
Dave Bove, director of spyware research at Sunbelt, said many IP addresses appear to be involved, leading the company to describe it as a massive identity ring.
“We’re still investigating what the keylogger is exactly and how it’s being delivered,” he said.
The data collected includes chat room sessions such a man telling someone he needed to find an anti-spyware tool, Owens said.