[Dshield] Srv.SSA-KeyLogger

Paul Marsh pmarsh at nmefdn.org
Thu Aug 11 13:12:09 GMT 2005



	I've been following the Sunbelt blog for the last few days as
I'm sure everyone else has, very interesting and scary stuff.  Sunbelt
reports they have identified the keylogger and the trojans involved.
They will be updating their product along with releasing a free tool
later today.  They also report they are in contact with the other major
AV vendors to help them develop a def./tool for this bit of nastiness.
A few question have come to mind that I'm hoping the people with the
inside track can answer.

	1.  Will the other AV vendors release a def, tool or what ever
with detailed information for their customers regarding this thing?  I
can just see it now a user's av or spyware scan quarantines the thing
but never tells them "hey this thing is nasty and you need to
understand":

		a.  Your system is owned
		b.  YOU ARE OWNED!

	2.  How long has this thing been around collecting info and
calling home to mama?

Thanx, Paul

The information in this transmittal (including attachments, if any) is privileged and confidential and is intended only for the recipient(s) listed above. Any review, use, disclosure, distribution or copying of this transmittal is prohibited except by or on behalf of the intended recipient. If you have received this transmittal in error, please notify me immediately by reply email and destroy all copies of the transmittal. Thank you.



More information about the list mailing list