Massive ID Theft Ring Uncovered
Officials at Sunbelt Software say well-known spyware is being used to steal info.
Jaikumar Vijayan, Computerworld
Monday, August 08, 2005
http://www.pcworld.com/news/article/0,aid,122149,00.aspOfficials at Sunbelt Software, a Clearwater, Florida-based vendor of anti-spyware tools, say the company stumbled upon a massive ID theft ring that is using a well-known spyware program to break into and systematically steal confidential information from an unknown number of computers worldwide.
The operation was discovered last week during research Sunbelt was doing on a spyware program belonging to a particularly dangerous class of browser hijacking tools called CoolWebSearch (CWS), according to Sunbelt's president, Alex Eckelberry.
CWS programs are extremely hard to detect and remove, and are used to redirect users to Web sites that use spyware tools to collect a variety of information from infected computers. The CWS variant being researched by Sunbelt turned infected systems into spam zombies and uploaded a wide variety of personal information to a remote server apparently located in the U.S. That server holds a "treasure trove of information" for ID thieves, Eckelberry says.
Sunbelt's research showed that the information being uploaded to the remote server included chat sessions, user names, passwords and bank information, he says. The bank information included details on one company bank account with more than $350,000 in deposits and another belonging to a small California company with over $11,000 in readily accessible cash, he says.