More spyware used in identity theft

Spyware is increasingly being used by criminals to sniff out user passwords and log keystrokes, according to new research.

A study by security company Aladdin's eSafe Content Security response Team (CSRT) found that 15 percent of spyware threats successfully copy user's passwords, usernames, hashes of administrator's passwords and email addresses. The analysis of 2,000 known spyware threats shows that there is a growing amount of malware designed for identity theft.

"The study illustrates that a growing amount of spyware is specifically designed for identity theft and continues to compromise both personal and commercial privacy, with potentially dangerous effects for large organizations in need of protecting proprietary information," said the company in a statement.

A further 25 percent of spyware is classified as a "moderate threat". This type of spyware sends information gathered from the victim's operating system, including the computer (host) name, domain name, logs of all processes running in memory, installed programs, security applications, client's internal IP address, OS version, the existence and versions of service packs and security updates.

The remaining 60 percent, the research found, transmitted commercially valuable information about the end user's browsing habits. This includes keywords used in search engines, browsing habits and ratings of frequently visited websites and shopping reports.

This week, SC Magazine reported that a Californian man was convicted of planting a malware "time bomb" in his former employer's computer.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.