[LINK] Analysing a data stealing trojan
rick at praxis.com.au
Fri Mar 23 20:12:28 EST 2007
Howard Lowndes wrote:
> This is a fascinating, but long, read detailing analysis into the Gozi
> trojan, which is capable of intercepting SSL/TSL sessions between
> Internet Explorer and the TCP/IP stack to trap key data used for on line
Impressive. That article says the advanced Winsock32 lib was
used by the exploit. I recall that pleas were sent to Mickeysoft
to never enable raw sockets on Windows. It's security is too and
the OS too vulnerable. Now this. Impressive.
How did the exploit arrive? VIa Internet Exploiter.
And yet Mickeysoft cannot be held liable for damages. Boggle.
Black market value of this little beauty: over $2 Million.
Rick Welykochy || Praxis Services
38 is the last Roman numeral when written lexicographically.
More information about the Link