Immensely Powerful iSpy Keylogger Targets Skype, Webcams and Passwords

September 26th, 2016 | Waqas | Security, Malware
The iSpy keylogger records Skype chats, steals passwords stored in the browser and takes pictures through the device webcam.

Researchers are closely monitoring a keylogger dubbed iSpy, primarily because it is very much in demand on the Dark Web. Reportedly, the keylogger is being sold at a meager rate of $25 to $35.

The keylogger is in such demand because it is quite powerful software: it can capture keystrokes, steal passwords stored in web browsers and Skype conversation records, take pictures via webcam and store the license keys of software like Microsoft Office and Adobe Photoshop.

Zscaler ThreatLabZ states that iSpy is being distributed through infected JavaScript files and/or document attachments in phishing emails and scam campaigns. What makes this keylogger so dangerous is that iSpy versions are signed with expired digital certificates so that they appear authentic when checked by security software.

iSpy comprises a loader that is responsible for delivering an encrypted payload, which is compressed using the .NET, AutoIt and Visual Basic 6.0 languages. The payload has six components, each with a different feature: clipboard monitoring, RuneScape (MMO game) PIN logging, keylogging, webcam logging, screen capturing and, of course, accessing and stealing passwords.

According to Zscaler ThreatLabZ analyst Atinderpal Singh, the company has come across a new and improved version of this keylogger in the past 24 hours. This new version has some other added features, including erasing the Skype chat recorder. The keylogger uses various techniques to deceive users; for example, it removes the “Zone.Identifier” flag from the ADS (Alternate Data Stream) of the host computer to deactivate the security warning message that pops up whenever the malware file is run.

Additionally, the keylogger can disable antivirus software, which it does by creating a sub-key for that program under the registry key: ‘Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\’

Then it sets “rundll32.exe” as the “Debugger” value in that key. The local data obtained by iSpy is sent to its command and control servers through the FTP, HTTP and/or SMTP protocols. Prior to transferring the data, the malware applies its custom encryption.
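A defensive check for the Image File Execution Options change described above, as an added example that is not from the article or from Zscaler: it parses the text output of `reg query "<IFEO key>" /s` and lists every program that has a `Debugger` value, marking `rundll32.exe` as the high-priority case. The program names, the HKEY_LOCAL_MACHINE hive and the sample output are constructed assumptions.

```python
import ntpath
import re

MARKER = "\\image file execution options\\"
# A value line in `reg query` output: 4 spaces, name, 4 spaces, type, 4 spaces, data
VALUE_RE = re.compile(r"^\s+(\S.*?)\s{4}(REG_\w+)\s{4}(.*)$")

# Constructed sample of `reg query ... /s` output (program names are made up).
SAMPLE = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\exampleav.exe
    Debugger    REG_SZ    rundll32.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\devapp.exe
    Debugger    REG_SZ    "C:\Tools\dbg\exampledbg.exe" -p

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\notepad.exe
    UseFilter    REG_DWORD    0x0
"""

def find_ifeo_debuggers(reg_query_text):
    """Return [(image_name, debugger_command)] for each IFEO sub-key with a Debugger value."""
    findings, image = [], None
    for line in reg_query_text.splitlines():
        if not line.strip():
            continue
        if not line[0].isspace():  # un-indented line = registry key path
            idx = line.lower().find(MARKER)
            rest = line[idx + len(MARKER):].strip() if idx != -1 else ""
            image = rest if rest and "\\" not in rest else None  # direct sub-keys only
            continue
        m = VALUE_RE.match(line)
        if m and image and m.group(1).lower() == "debugger":
            findings.append((image, m.group(3).strip()))
    return findings

def debugger_exe(command):
    """Lower-cased file name of the executable a Debugger command launches."""
    command = command.strip()
    if command.startswith('"'):
        path = command[1:].split('"', 1)[0]
    else:
        path = command.split()[0] if command else ""
    return ntpath.basename(path).lower()

def triage(findings):
    """rundll32.exe as Debugger is the value the article reports; anything else needs review."""
    return [(img, dbg, "high" if debugger_exe(dbg) == "rundll32.exe" else "review")
            for img, dbg in findings]

if __name__ == "__main__":
    for row in triage(find_ifeo_debuggers(SAMPLE)):
        print(row)
```

Any `Debugger` value under this key deserves a look, since legitimate uses are mostly limited to developer tooling.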

“The current sample… uses FTP for sending the stolen data to the attacker. The FTP account – ftp://ftp[.]bhika[.]comxa[.]com – was active at the time of analysis and the FTP credentials are embedded in the file itself,” stated Singh.

Zscaler further noted that iSpy is sold on the Dark Web in three subscription models, ranging from 1 to 6 months and annual subscriptions. The price range varies between $25, $35 and $45.

Source: Zscaler (https://www.zscaler.com/blogs/research/ispy-keylogger)
H/T: Threat Post (https://threatpost.com/ispy-keylogger-targets-passwords-skype-webcams/120758/)
HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.