Keyloggers Jump 65% As Info Theft Goes Mainstream

The number of keyloggers unleashed by hackers soared by 65% this year as E-criminals rush to steal identities and information, according to VeriSign iDefense.
These keyboard trackers don't exist in a vacuum, of course, but are just one part of the crimeware landscape. "Rootkit functionality is increasingly becoming part of keylogger technology," said Dunham, referring to the Trojans used to cloak certain files to make them difficult for anti-virus, anti-spyware, or other security software to detect and delete. "Keyloggers, adware and spyware, and rootkits, they're all coming together. Whatever can make an attack stealthier and make it last longer, that's where it's all at in criminals' minds."

With their numbers dramatically on the increase, it's no surprise that keyloggers made news in 2005. A keylogger-based theft of 220 million pounds ($382 million) from the London offices of the Japanese bank Sumitomo Mitsui was foiled in March, while in August, researchers at Sunbelt Software stumbled on an offshore server jammed with information -- including usernames, passwords, telephone numbers, credit card and bank account numbers -- stolen with a keylogger.

Keyloggers are particularly dangerous because of their stealthy qualities; you can't stop what you can't see.

"Everybody knows about viruses and worms, but the threat of the unknown is the greatest threat we face," said Dunham.

iDefense, acquired by VeriSign earlier this year, provides security and vulnerability intelligence to enterprises, and said that in addition to basic defenses like anti-virus programs and firewalls, one way to combat the threat is to track the hackers and gangs that promote and use keyloggers.

Editor's Choice
Samuel Greengard, Contributing Reporter
Cynthia Harvey, Freelance Journalist, InformationWeek
Carrie Pallardy, Contributing Reporter
John Edwards, Technology Journalist & Author
Astrid Gobardhan, Data Privacy Officer, VFS Global
Sara Peters, Editor-in-Chief, InformationWeek / Network Computing