Major Internet spy ring uncovered

09 August 2005 An identity-theft ring that has captured an "unimaginable" amount of sensitive personal data has been uncovered, according to officials at security company Sunbelt Software.

According to Sunbelt’s CEO Alex Eckelberry, criminals have propagated a particularly malicious breed of spyware to capture highly personal information on an unprecedented scale. Data including user names, passwords, credit card details, social security numbers and instant messaging chat sessions, has been at risk.

"The scale is unimaginable," said Eckelberry.


In some cases, bank details with over $350,000 have been unearthed, as well as a small Californian company with over $11,000 in readily available cash.

Officials at Sunbelt have said that financial details of customers of up to 50 international banks have been stolen.

"In a number of cases, we were so disturbed by what we saw that we contacted individuals who were in direct jeopardy of losing a considerable amount of money," wrote Eckelberry on Sunbelt’s blog site.

The spyware is believed to be a variant of CoolWebSearch (CWS), a program that exploits security flaws in Microsoft’s Internet Explorer browser. Once it has disabled the browser’s security settings, the infected computers become ‘spam zombies’ which send hijacked information back to a US-based server.

"There are thousands of machines pinging back daily. There is a keylogger file that grows and grows, and then is zipped off and then the cycle continues again," said Eckelberry.

The theft is being investigated by the US law enforcers at the Federal Bureau of Investigation.

Sunbelt has recommended installing firewall protection as a first line of defense against spyware attacks.

Avatar photo

Ben Rossi

Ben was Vitesse Media's editorial director, leading content creation and editorial strategy across all Vitesse products, including its market-leading B2B and consumer magazines, websites, research and...

Related Topics