The keylogger is deployed via spam.
The keylogger is deployed via spam.

A new commercial keylogger nicknamed iSpy that is capable of snatching every keystroke and fully examining the data on an infected computer has been spotted by Zscaler being sold on underground forums for as little as $25.

In addition to tracking keystrokes, iSpy can steal passwords, take screenshots, monitor webcams and clipboards, said Zscaler researcher Atinderpal Singh in a blog. The malware is delivered through spam email with a malicious JavaScript or document attached.

“The main iSpy payload is usually compressed using a custom packer. So far, we have seen packers written in Visual Basic 6.0, AutoIt, and .Net. We have also seen a campaign of signed .NET crypter where iSpy was served,” Singh said.

The sales department behind iSpy has even created a nifty graphic to advertise the malware.


 

(Graphic courtesy of Zscaler.)