Jumat, 21 Desember 2007

Russians close to prosecuting 'Pinch' Trojan authors (InfoWorld)

San Francisco - Russia may soon prosecute the authors of the "Pinch" Trojan, an easy-to-use malicious software program available on the Internet that steals a variety of data.

Nikolay Patrushev, who heads Russias Federal Security Services, said earlier this week that Pinchs authors had been identified and would be taken to court, according to a blog posting by Russian security vendor Kaspersky Lab.

Kaspersky said the arrest of the Pinch writers, identified as Ermishkin and Farkhutdinov, would be on the same level as the 2005 prosecution of German Sven Jaschan for creating the NetSky and Sasser worms, which caused thousands of infected computers to crash worldwide.

With Pinch, "its impossible to estimate what financial losses have been caused over the years since this Trojan first saw the light of day," Kaspersky said.

Pinchs sellers would customize the program for buyers and offer support, illustrating a growing underground economy for hacking tools, Kaspersky said.

Thousands of versions of Pinch, which comes in Russian and English language versions, are still circulating on the Internet. Kaspersky said its security software can detect some 4,000 variants of Pinch, where the basic code is the same but aspects of the program have been modified in order to evade detection by security software.

Pinch has a highly developed user interface that can be used for sorting information it steals off other computers, according to F-Secure.

It can steal e-mail account passwords, pilfer other password information stored in the Internet Explorer, Firefox and Opera browsers, and snap screenshots.

That stolen information can also be encrypted before it is sent back to the hacker, according to Panda Security, another security vendor.

Pinch could also be customized to have the victimized computer join a botnet, or a network of computers set up to hide other malicious activity by the hacker. Botnets are often used to send spam or mount other hacking attacks.

 
eXTReMe Tracker