{"id":818,"date":"2014-09-24T23:49:44","date_gmt":"2014-09-25T03:49:44","guid":{"rendered":"http:\/\/www.ccrepairservices.com\/blog\/?p=818"},"modified":"2014-09-25T00:09:37","modified_gmt":"2014-09-25T04:09:37","slug":"keylogger-optimized-with-autoit-infected-thousands-of-computers","status":"publish","type":"post","link":"https:\/\/www.ccrepairservices.com\/blog\/computer-news\/keylogger-optimized-with-autoit-infected-thousands-of-computers\/","title":{"rendered":"Keylogger Optimized with AutoIT Infected Thousands of Computers"},"content":{"rendered":"

\"\"<\/p>\n

A new surge of malware has been discovered which goes on to infect hundreds of thousands of computers worldwide and allegedly steals users\u2019 social and banking site credentials.\n<\/div>\n

 <\/p>\n

Few days back, a list of 5 million combinations of Gmail addresses and passwords were leaked online. The search engine giant, Google said that Gmail credentials didn\u2019t come from the security breaches of its system, rather the credentials had been stolen by phishing campaigns and unauthorized access to user accounts.\n<\/div>\n

 <\/p>\n

Just now, we come across another similar incident where cyber criminals are using a malware which has already compromised thousands of Windows users worldwide in an effort to steal their Social Media account, Online account and Banking account Credentials.\n<\/div>\n

 <\/p>\n

A Greek Security Researcher recently discovered a malware sample via a spam campaign (caught in a corporate honeypot), targeting large number of computers users rapidly. He investigated and posted a detailed technical analyses of the malware on his blog.\n<\/div>\n

 <\/p>\n

After reverse engineer the malware sample file, he found that the cybercriminals are using a combination of software AutoIT<\/b> (Automate day-to-day tasks on computers) and a “commercial” Keylogger named “Limitless Keylogger<\/b>” to make it FUD i.e. Fully Undetectable from static analysis.\n<\/div>\n

 <\/p>\n

Keylogger is a critical type of software program for cyber criminals, which records every input typed into the keyboard and easily detects passwords for users\u2019 Email accounts, Social Media accounts and Online Bank accounts.\n<\/div>\n

 <\/p>\n

This malicious application captures every keystrokes users press and send them to a specified email address linked to the cyber criminal. More interestingly, the malware uses AutoIT in order to evade detection by Antivirus programs.\n<\/div>\n

 <\/p>\n

\"Limitless\n<\/div>\n

 <\/p>\n

The malware distributed in the spam campaign comes as a WinRAR SFX executable file with a custom icon which drops 4 malicious files onto the victim\u2019s computers with hidden and system attributes.\n<\/div>\n

 <\/p>\n

The Malware archive includes:\n<\/div>\n

 <\/p>\n