Keylogger ALERT!
Submitted by YelloW on Wed, 2004-11-17 22:42.
Technology
A well trafficed website that Belizeans visit apparently had a keylogger hiden on files that were downloaded (intentional or not, i don't know). More than likely if you have visited that site and downloaded any file, your computer make be affected.
What is a keylogger? It's a spyware that captures all the keys you press on your keyboard and sends that information to the culprit either via email or ftp. information that could have possibly been sent could be passwords, credit card info, and other personal info.
If you have antivirus, that will not help you. You need to install a "anti-spyware" on your computer.
Do a search for "Ad Aware" and/or "Spybot" on the Internet, download either, and install that on your computer. (if you don't have one already installed). After the installation, run a scan on your computer. This will find all the spyware that is on your computer, when the scan is done, remove or delete those spyware from your computer. To be on the safe side, shut down you computer, reboot, then run the scan again, it should find anything. (I'll insert an image later as to what to look for)
Hopefully, these people can fix there problem and an explaination is forthcoming. I'll wait and see what they will do.
Keylogger FOLLOW-UP !
I am working to get to the bottom of this issue and I will keep the forum alive with general results of the new findings. If requested, I will assist Freebelize in finding out who had replaced the files, if it turns out that it was an attack persay.
I had discovered this issue several weeks ago and worked along with the mail provider that the 'spies' were using to retain their keylogs. They took action against the account according to their terms and conditions of service. So now that repository for the spied information is empty.
As of Wednesday 11:00pm CST, one of the files was clean and the other not accessible, Print Belize contract and Carnival Contract, respectively, but I also recommended to Freebelize that all future files be in the native application format and not compressed in exe nor zip format. As you can see from the "IMF Implementations" file, it is in PDF and not EXE file format.
If any user needs help with removing the infection. Send an email to systemsgodministrator@yahoo.com