Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Information-Security-News
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ISN] Meet the Peeping Tom worm

from [InfoSec News] Network Security [Permanent Link]
Subject: [ISN] Meet the Peeping Tom worm
Date: Tue, 24 Aug 2004 01:38:40 -0500 (CDT) 
http://www.theregister.co.uk/2004/08/23/peeping_tom_worm/

By John Leyden
23rd August 2004 

A worm that has the capability to using webcams to spy on users is
circulating across the Net.

Rbot-GR, the latest variant of a prolific worm series, spreads via
network shares, exploiting a number of Microsoft security
vulnerabilities to drop a backdoor Trojan horse program on vulnerable
machines as it propagates. Once a backdoor program is installed on a
victim's PC it's game over and an attacker can do whatever takes their
fancy. But Rbot-GR comes pre-loaded with functionality specifically
designed to control webcam and microphones. Other variants of the worm
do not come with this "Peeping Tom" routine, according to AV firm
Sophos.

"If your computer is infected and you have a webcam plugged in, then
everything you do in front of the computer can be seen, and everything
you say can be recorded," said Graham Cluley, senior technology
consultant for Sophos. "It would be like having a regular web cam
conversation except you wouldn't know you're taking part in it."

Aside from its voyeuristic behaviour, the Trojan component of the worm
will attempt to steal registration information for games and PayPal
passwords from infected machines. It's a thoroughly nasty piece of
code so it comes as some relief that Rbot-GR hasn't particularly
widespread. Sophos has received only as handful of reports about the
worm and most vendors rate it as a medium-risk threat. As usual,
Rbot-GR is a Windows-only menace.



_________________________________________
Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - 
http://www.osvdb.org/
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [ISN] Meet the Peeping Tom worm, InfoSec News <=
Previous by Date:  [ISN] REVIEW: "Fighting Spam for Dummies", John R. Levine/Margaret Levine Young/Ray Everett-Church, InfoSec News
Next by Date:  [ISN] Dozens Charged in Crackdown on Spam and Scams, InfoSec News
Previous by Thread:  [ISN] REVIEW: "Fighting Spam for Dummies", John R. Levine/Margaret Levine Young/Ray Everett-Church, InfoSec News
Next by Thread:  [ISN] Dozens Charged in Crackdown on Spam and Scams, InfoSec News
Indexes:  [Date] [Thread] [Top] [All Lists]