New Trojan keylogger disables both virtual keyboards

Virtual keyboard which is considered a salvage solution for users before the keylogger threat has now lost its advantage over the new generation of keylog malware.

Keylogger is a malicious software designed to record keystrokes on infected systems to send back to its author. Virtual keyboard is a solution that allows users to use the mouse to enter signs from a virtual keyboard on the screen. The old generation keylogger is completely bundled with this solution but with the newly discovered keylog trojan, it is not.

Hispasec Systems - a security firm of Ban Nhan - has revealed details and a Trojan capable of taking screenshots on infected systems. If the user has entered the online bank account PIN on the virtual keyboard, the trojan can still be recorded via screenshots.

Like all other trojans, Hispasec's new trojan also hacked into users' systems whenever they accessed a malicious website, Bernardo Quintero - Hispasec's security researcher - said . That means that users will not receive any indication that they have been infected with this software.

Quintero's research team has experimented with 30 different anti-virus software that is considered to be capable of combating keylog malware screenshots. But there are only 6 successful applications.

Gartner Avivah Litan's security analyst said that malware that could capture screenshots began to explode in early 2003. The first victim of the software is a Brazilian bank. However, this attack technique is still relatively rare because this type of program consumes a lot of system capacity and bandwidth - which is very easy to catch consumers' attention.

But everything changed with the new trojan discovered by Hispases. Researcher Quintero confirmed that the trojan incorporates keystrokes and screen shots. But instead of taking a picture of the entire screen, the trojan only takes a screenshot of the area around the user clicked area. That means the screen shots will be lighter and make it harder to detect.

So, at this point, the security industry and users must admit the fact that no single security solution is safe. Need to combine various security solutions.

Hoang Dung