Tag Archives: steal

USBThief – Making it Easy for Cyber Criminal Wannabes

With access to your passwords, cyber-criminals (they come in all shapes, sizes and flavors – so don’t be fooled), can and will, steal your identity and without a doubt severely compromise your financial security. Stolen passwords have the potential to cause serious havoc in your life.

There are numerous ways of course that a password can be stolen. Popular methods employed by cyber criminals include, but are not limited to:

Email scams: Email scams work because the cyber-crooks responsible use social engineering as the hook; in other words, they exploit our curiosity to start the process of infecting unaware computer users’ machines.

Search engine redirection: Cyber-crooks continue to be unrelenting in their chase to infect web search results, seeding malicious websites among the top results returned by these engines. Malware, including password stealers, can be installed on a computer simply by visiting a site.

Drive-by downloads: Drive-by downloads are not new; they’ve been lurking around for years it seems, but they’ve become much more common recently. They are crafted to automatically download and install malware, including password stealers, on your computer without your knowledge.

Added to the burden we already carry in protecting our computers, our private personal information, and our confidential financial information, we now have to be careful, and perhaps even suspicious of our friends, or for that matter anyone, who inserts a USB drive, including MP3 players such as an iPod, into a USB port on our computer.

USBThief is a free hacking application – available for download on virtually every torrent download site that I investigated – which can be installed on a USB flash drive, or even an iPod, or other MP3 player.

I haven’t tried (yet), to install this on a Digital Camera, but I suspect (with some modification), that it can be done. Consider how often a friend, or family member, has connected any one of these peripherals to your machine.

USBThief has been designed and crafted with only one purpose in mind, and that is to steal both the passwords, and software keys, on the duped party’s computer.

There is no requirement that the culprit is a seasoned hacker – all that’s needed is that an ethically challenged individual download the program; decompress the archive and put all the files located in the folder “USBThief” onto a USB drive.

After connecting and removing the tweaked USB drive from the victim’s computer, the cyber-criminal simply views the dump folder to view the captured information.

Learning to use this application is an absolute “no brainer” – there are multiple sites on the Internet offering tutorials (including video tutorials), in the use of USBThief.

Here’s a little blurb from a hacking site:

1. Insert the USB in your victim’s computer.

2. View folder “dump” to see the passwords. It also makes a second dump folder in the batexe folder. Tested and Working perfectly!

I have not written this article to produce paranoia, or to make you suspicious of either your family, or your friends, but so that you are aware of the ever increasing challenges we all face in protecting valuable information in a world that threatens us, at every turn it seems.


Panda Security’s August 7, 2009 Report on Viruses and Intruders

Courtesy of Panda Security. Panda Security’s weekly report on viruses and intruders.

This week’s PandaLabs report looks at the Lineage.LAS worm and the SecretService fake antivirus.

The Lineage.LAS worm spreads through mapped drives. It copies itself to several folders and downloads a malicious file. It also creates a file called Autorun.inf which allows it to run every time the user opens a folder.

Additionally, it modifies the Windows registry to run on every system restart. One of the malicious actions the worm carries out on infected computers is to prevent users from viewing hidden files and folders.
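A defender's check for the Autorun.inf behaviour described above, as an added example that is not from Panda Security or the original post: it parses an autorun.inf file and lists the entries that would launch a program. The sample file contents and file names are constructed for illustration.

```python
import re
from pathlib import Path

# Keys in the [autorun] section that make Windows launch a program.
LAUNCH_KEY = re.compile(r"^(open|shellexecute|shell\\[^\\]+\\command)$", re.I)

def parse_autorun(text):
    """Return (key, command) pairs from the [autorun] section that launch a program.

    Tolerant of mixed case, stray whitespace and junk comment lines, so a
    file padded with noise is still read correctly.
    """
    findings, in_section = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            in_section = line[1:-1].strip().lower() == "autorun"
            continue
        if in_section and "=" in line:
            key, _, value = line.partition("=")
            key, value = key.strip(), value.strip()
            if LAUNCH_KEY.match(key) and value:
                findings.append((key.lower(), value))
    return findings

def scan_root(root):
    """Check one drive or share root; the file name is matched case-insensitively."""
    hits = []
    for entry in Path(root).iterdir():
        if entry.is_file() and entry.name.lower() == "autorun.inf":
            text = entry.read_text(encoding="latin-1", errors="replace")
            hits.extend(parse_autorun(text))
    return hits

# Constructed sample, not taken from a real infection.
SAMPLE = """\
;xkq junk comment
[AutoRun]
OPEN = updater.exe
shell\\open\\Command=updater.exe
icon=folder.ico
label=Backup
[other]
open=ignored.exe
"""

if __name__ == "__main__":
    for key, cmd in parse_autorun(SAMPLE):
        print(f"{key}: {cmd}")
```

An autorun.inf that sets only `icon` or `label` returns no findings; any launch entry found on a mapped or removable drive is worth a closer look.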

SecretService is yet another example of the now widely spread fake antiviruses. This malicious code tries to trick users into believing their computer is infected. To do this, it generates numerous junk files, and offers users the possibility of buying an antivirus solution through an online transaction to remove them. This way, it steals users’ credit card details.


SecretService carries out a fake computer scan, displaying an undetermined number of problems, and offers users the possibility of installing security software.


Once installed, SecretService’s interface looks very similar to that of traditional antiviruses, even displaying the Windows Security Center page.


SecretService can also display fake warnings reporting malicious files, registry errors, etc.


These warnings are accompanied by a very characteristic sound. Other actions it carries out to make users believe they are infected include modifying the computer wallpaper.


To make the program look more authentic, it inserts an icon in the browser taskbar.


Finally, it displays a screen which requires the software to be upgraded to its paid version in order to eliminate all threats. Then, if users enter their banking details, they will be stolen.


This fake antivirus reaches computers when users access a malicious web page and agree to install the program.

More information about these and other malicious codes is available in the Panda Security Encyclopedia. You can also follow Panda Security’s online activity on Twitter, and on the PandaLabs blog.


USBThief – Designed to Steal Your Passwords

We all know that the purpose of computer passwords is to protect personal information that you’ve stored on your computer, as well as in your online accounts.

With access to confidential passwords, cyber-criminals (they come in all shapes, sizes and flavors – so don’t be fooled), can and will, steal your identity and without a doubt, severely compromise your financial security. Stolen passwords have the potential to cause serious havoc in your life.

There are numerous ways of course that a password, or software license key, can be stolen. Popular methods employed by cyber criminals include:

Email scams: Email scams work because the cyber-crooks responsible use social engineering as the hook; in other words, they exploit our curiosity, emotions and fears, to start the process of infecting unaware computer users’ machines.

Search engine redirection: Cyber-crooks continue to be unrelenting in their chase to infect web search results, seeding malicious websites among the top results returned by these engines. Malware, including password stealers, can be installed on a computer simply by visiting a site.

Drive-by downloads: Drive-by downloads are not new; they’ve been lurking around for years it seems, but they’ve become much more common recently. They are crafted to automatically download and install malware, including password stealers, on your computer without your knowledge.

Now, added to the burden we already carry in protecting our computers, our private personal information, and our confidential financial information, we have to be careful, and perhaps even suspicious of our friends, or for that matter anyone, who inserts a USB drive including MP3 players, into a USB port on our computer.

USBThief is a free hacking application available for download on virtually every torrent download site that I investigated – which can be installed on a USB flash drive, or even an iPod, or other MP3 player. I haven’t tried to install this on a Digital Camera, but I suspect (with some modification), that it can be done. Consider how often a friend, or family member, has connected any one of these peripherals to your machine.


USBThief has been designed and crafted with only one purpose in mind, and that is to steal both the passwords, and software keys, on the duped party’s computer.

The culprit doesn’t need to be a seasoned hacker; all that’s needed is that an ethically challenged individual download the program; decompress the archive and put all the files located in the folder “USBThief” onto a USB drive.

After connecting and removing the tweaked USB drive from the victim’s computer, the cyber-criminal simply views the dump folder to view the captured information.

Should you now be suspicious of your family, or your friends? Of course not; but you do need to be aware of the ever increasing challenges we all face in protecting our valuable information.

Good news for all of us however, is in the works. Windows 7 addresses this problem with its Guest Mode feature which when activated, will prevent users from writing to any USB, or other attached device or drive.


Public Proxy Server Danger – Web Site Spoofing

In the article immediately following this article, “OperaTor and XeroBank – Surf the Internet Anonymously”, I stated, “You have a number of choices when it comes to anonymous surfing. You can use a free proxy server service; not my personal first choice – but that’s fodder for another article!”

Well, there’s no time like the present, so here is that article.

In some cases, the DNS used by public proxy servers (the database that associates numeric IP addresses, e.g. 206.4.XX.XXX, with URLs) has been known to have been modified.

The modification consists of replacing the legitimate association with a fraudulent one, so that when users type a specific URL, they are redirected to a fraudulent page. For example, if users try to log onto their banking web site, the server could redirect them to a phishing site which resembles the legitimate page, but which is designed to steal their bank details.

The following graphic shows a spoofed banking site.


The danger of this type of attack is that even users with malware-free, up-to-date computers with a good firewall, etc. could easily fall victim to it.

To reduce the risk of phishing attacks it’s important not to use anonymizer services if you’re accessing sites on which confidential data (e.g. online banks, pay platforms, etc.), is being transmitted.

It’s equally important that you use a browser add-on such as WOT (Web of Trust), so that you have a first line of defense against this type of attack. I strongly recommend that you use WOT as your primary Internet Browser protection. For more information, read “Love WOT And It Will Love You Right Back!” on this site.

If you’re interested in learning more about web spoofing, there is an excellent article at Princeton University’s web site entitled Web Spoofing: An Internet Con Game.


Steal Your Friends Passwords and Software Licenses!

I’ll bet that headline got your attention!

We all know that the purpose of computer passwords is to protect personal information that you’ve stored on your computer, and in your online accounts.

With access to your passwords, cyber-criminals (they come in all shapes, sizes and flavors – so don’t be fooled), can and will, steal your identity and without a doubt severely compromise your financial security. Stolen passwords have the potential to cause serious havoc in your life.

There are numerous ways of course that a password, or software license key, can be stolen. Popular methods employed by cyber criminals include, but are not limited to:

Email scams: Email scams work because the cyber-crooks responsible use social engineering as the hook; in other words, they exploit our curiosity to start the process of infecting unaware computer users’ machines.

Search engine redirection: Cyber-crooks continue to be unrelenting in their chase to infect web search results, seeding malicious websites among the top results returned by these engines. Malware, including password stealers, can be installed on a computer simply by visiting a site.

Drive-by downloads: Drive-by downloads are not new; they’ve been lurking around for years it seems, but they’ve become much more common recently. They are crafted to automatically download and install malware, including password stealers, on your computer without your knowledge.

Now, added to the burden we already carry in protecting our computers, our private personal information, and our confidential financial information, we have to be careful, and perhaps even suspicious of our friends, or for that matter anyone, who inserts a USB drive, including MP3 players, into a USB port on our computer.

USBThief is a free hacking application – available for download on virtually every torrent download site that I investigated – which can be installed on a USB flash drive, or even an iPod, or other MP3 player. I haven’t tried to install this on a Digital Camera, but I suspect (with some modification), that it can be done. Consider how often a friend, or family member, has connected any one of these peripherals to your machine.

USBThief has been designed and crafted with only one purpose in mind, and that is to steal both the passwords, and software keys, on the duped party’s computer.

There is no requirement that the culprit is a seasoned hacker – all that’s needed is that an ethically challenged individual download the program; decompress the archive and put all the files located in the folder “USBThief” onto a USB drive.

After connecting and removing the tweaked USB drive from the victim’s computer, the cyber-criminal simply views the dump folder to view the captured information.

I have not written this article to produce paranoia, or to make you suspicious of either your family, or your friends, but so that you are aware of the ever increasing challenges we all face in protecting valuable information in a world that threatens us, at every turn it seems.


McAfee to Test Spam – Cyber Criminal Link

This morning my email inboxes in two of the five email services that I use, held a surprise for me once again, with an email from myself. As always, I simply deleted this spoofed spam email along with the other unsolicited junk mail.

The spoofed spam reminded me of an experiment being run by McAfee Inc., a world leader in antivirus, firewall, and Internet security software. McAfee began soliciting for volunteers in December 2007 and selected 50 of them to participate in a test in which the volunteers will have to respond to every unsolicited email they receive over a thirty day test period, beginning today.

Their laptops, supplied by McAfee, will operate without active anti-spam protection so that McAfee can test the theory that spam email is linked to cyber crime. Personally, I think that’s a no-brainer; so why bother with a test?

McAfee’s view however, as expressed by Christopher Bolin, McAfee’s chief technology officer is “Spam isn’t just a nuisance. It’s a tool used by cyber criminals to steal personal and business data. And, as scammers become more adept at writing spam in local languages it’s becoming more difficult for Internet users to detect spam. It’s vital that computer users understand the risks of leaving their computers unprotected.”

It seems to me, given the fact that spam exists in many forms including instant messaging spam, Web search engine spam, Blog spam, cell phone messaging spam, and more, that focusing on a narrow definition of what constitutes spam, has little relative value.

So I’m skeptical about the significance of this type of experiment given what we already know about spam, malware attacks in all their various forms, and the known connection to cyber criminals. However, I’m a curious fellow and I’ll follow the research, and the results obtained, with interest.

If you’re interested, you can visit McAfee/Spam Experiment to track the daily progress of the S.P.A.M. Experiment and read Blog reports from the test participants.
