SpyEye

Malware program From Wikipedia, the free encyclopedia

SpyEye is a malware program that attacks users running Google Chrome, Safari, Opera, Firefox and Internet Explorer on Microsoft Windows operating systems.[1] This malware uses keystroke logging and form grabbing to steal user credentials for malicious use.[1][2] SpyEye allows hackers to steal money from online bank accounts and initiate transactions even while valid users are logged into their bank accounts.[3]

Technical name: SpyEye
Type: Spyware
Subtype: keylogger, form grabber
Origin: Russia, Algeria
Authors: Aleksandr Andreevich Panin, Hamza Bendelladj

SpyEye can insert new fields and alter existing fields when a compromised user's browser displays a web page. This lets it prompt for user names, passwords, or card numbers, giving hackers information that allows them to steal money without account holders ever noticing. It can also save a false balance for the user (with fraudulent transactions hidden) so that the next time the user logs in, the fraudulent transactions and real balance are not displayed in the user's browser (though the bank still sees the fraudulent transactions).[4]

SpyEye emanated from Russia in 2009 and was sold in underground forums for $500+, where it was advertised with features such as keyloggers, auto-fill credit card modules, email backups, encrypted config files, a Zeus killer, HTTP access, POP3 grabbers and FTP grabbers.[5]

Targeted users and institutions in the United States, United Kingdom, Mexico, Canada and India were the largest victims of SpyEye; the United States made up 97% of the institutions that fell victim to this malware.[6]

Authors of SpyEye

It is believed that the creator of Zeus said that he was retiring and had given the source code and the rights to sell Zeus to his biggest competitor, the creator of the SpyEye trojan. Experts warned that the retirement was a ruse and expected the developer to return with new tricks.[7][8]

In 2016, Alexander Andreevich Panin (aliases “Gribodemon” and “Harderman”), the author of SpyEye, was arrested and pleaded guilty to conspiracy to commit bank and wire fraud as part of a plea deal with the prosecutor's office. He was sentenced to nine years and six months in prison.[9][10]

Hamza Bendelladj (alias “Bx1”), co-author of SpyEye, was arrested at the same time as Panin. He was sentenced to 15 years in prison for selling versions of SpyEye online and using malware to steal financial information. Both men were accused of using SpyEye to infect more than 50 million computers and causing nearly $1 billion in damage to individuals and financial institutions around the world.[11][10]
