The McAfee researchers recently discovered a new keylogger
malware, which is hosted in a forum with an intention to infect visitors of the
forum, is said to be active. According
to the data security company, the malware is an Iranian keylogger, known as
Marmoolak.
Like every other keylogger, the Marmoolak is also used to
save the encrypted keystrokes by the users, with a purpose to steal sensitive
user login credentials and other details.
“On execution, the
file adds a copy of itself into the System32 folder as Mcsng.exe. The malware
also launches a process that drops and writes the file 1stmp.sys in the
%system32%\config folder” wrote, the McAfee researchers, who found the
malware, in McAfee Blog Central.
“Although the file
extension suggests it is a .sys (system) file, it is not. Its purpose is to
function as a log file that contains the encrypted keystrokes of the user.
Every time a key is pressed, the process records the keystroke, encrypts it and
appends it to 1stmp.sys.”
“After the keystrokes
are logged and encrypted, the malware mails its content to its author. The
malware also sends computer name and user name data to its master.”
Installing comprehensive antivirus and internet security
software like those from McAfee can protect you from Marmoolak and other
malware variants. These are reliable and tested security products that give
always-on and proactive protection from all incoming threats. Simply install
and start using them and if problems arise, then avail McAfee technical support from reliable-legitimate company.
SupportBuddy is one good company on this front. It is best known for its
effective and easy support for all brands like support for antivirus, support
for browsers, Compaq support,
support for computers and more.
No comments:
Post a Comment