Variation Srv.SSA-KeyLogger - 2 in 1

Variation Srv.SSA-KeyLogger - 2 in 1 Picture 1

Sunbelt Software - a US anti-spyware security firm - said last week it has just discovered a new variant of Srv.SSA-KeyLogger that specializes in stealing user-sensitive information.

The discovery of the keylogger category for Sunbelt Software is also a coincidence when a firm's researcher discovered a server that contained a huge amount of usernames, passwords, phone numbers and information. Credit cards, bank account numbers as well as many other personal information.

All of this information is collected by the hand of a keylogger - Srv.SSA-KeyLogger variant. This type of keylogger is capable of collecting all kinds of information such as online banking account login information, eBay accounts, PayPal . or information from applications using HTML forms to get information.

Eric Sites, Sunbelt's vice president of R&D, said that due to being 'inherited' the foundation of the Dumador / Nibu, Srv.SSA-KeyLogger trojan line, it was particularly dangerous. Once infected with an SSA-KeyLogger user's computer, "won't sit still" until the user types in the password to record and send. Instead, this keylogger sneaks into IE's Protected Storage (Protected Storage) to steal information.

Protected Storage is essentially a set of registry keys used to store usernames and passwords. If the AutoComplete feature is enabled in Internet Explorer - the default is always enabled - the browser will remember the username and password and write to Protected Storage. Even if this information has been encrypted, just using a simple application can decrypt this information.

Even more dangerous, the keylogger can break into the Windows clipboard to get information, disable the Windows firewall or another third party. These types of firewalls were removed from the keylogger easily because they did not cleverly disguise themselves as an Internet Explorer thread.

Security firm Sunbelt has released information about this new keylogger with other security vendors.

At the same time, the company has successfully developed a tool to help scan and destroy this new and dangerous keylogger. Users can download this tool here .

Sunbelt also recommends that users turn off the AutoComplete feature to prevent all types of keyloggers that can infect computers. To turn off this feature, in the Internet Explorer window go to Tool | Internet Options then switch to Content and select AutoComplete. In the AutoComplete window, leave all the marks for Use AutoComplete For and select Clear Forms and Clear Password in the Clear AutoComplete history section.

A keylogger is a program - if installed on a computer - that allows recording all user actions on the keyboard into a specified file.This type of software is dangerous because it has been exploited by hackers to steal information or track users.