Friday, August 14, 09:16

The new Keylogger Phoenix disables 80 security products and is not detected

According to a report by Cybereason researchers, the new Phoenix keylogger, which appeared on hacking forums in the summer, is associated with more than 10,000 infections.

It first appeared in July when it was released on HackForums. Gradually, the keylogger began to gain ground and is now considered one of the most important threats.

Hackers have begun using the Phoenix keylogger to launch data theft campaigns. The researchers have detected a large number of attacks associated with this keylogger.

Theft of information

According to Cybereason researchers, the hacker behind Phoenix is very experienced and highly skilled. Within just a few months, they developed Phoenix and turned it from a simple keylogger into a multi-functional information-stealing trojan (infostealer).

The original versions were only capable of keylogging. However, the latest versions have the ability to steal user data, such as passwords, from 20 different browsers, 4 different email clients, FTP clients and applications.

Most worrying, though, is that Phoenix also has anti-AV and anti-VM features that help keep it hidden so that it cannot be detected and analyzed.

Both features rely on a list of processes that the Phoenix keylogger terminates before continuing with its malicious activities.

This list includes more than 80 known security products and virtual machine (VM) technologies. These are used to detect and analyze suspicious programs. Therefore, turning them off is very dangerous.

In the picture below you can see the list of products that the Phoenix keylogger disables:

Security products detect threats and alert their users to any suspicious activity. However, if Phoenix does its job properly, it will be able to collect the data it wants and send it to the hackers without the user realizing it.
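One way a defender can spot the kill-list behavior described above, as an added example that is not from the Cybereason report or this article: flag any single process that requests terminate access to several distinct security or VM tool processes within a few seconds. The event format, the process names and the watchlist are constructed placeholders, and the threshold and window are assumed values.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

PROCESS_TERMINATE = 0x0001  # Windows access right required to terminate a process
# Hypothetical watchlist (placeholder names, not the list from the report).
WATCHLIST = {"av_agent.exe", "edr_sensor.exe", "vm_tools.exe", "fw_guard.exe"}

# Constructed telemetry: time, source process, target process, requested access mask.
SAMPLE_EVENTS = """\
2020-01-01T10:00:00 updater.exe av_agent.exe 0x1000
2020-01-01T10:00:01 invoice.exe av_agent.exe 0x0001
2020-01-01T10:00:01 invoice.exe edr_sensor.exe 0x1FFFFF
2020-01-01T10:00:02 invoice.exe notepad.exe 0x0001
2020-01-01T10:00:02 invoice.exe vm_tools.exe 0x0001
2020-01-01T10:05:00 helper.exe fw_guard.exe 0x0001
2020-01-01T10:05:01 helper.exe fw_guard.exe 0x0001
2020-01-01T10:05:02 helper.exe fw_guard.exe 0x0001
2020-01-01T11:00:00 admin_tool.exe av_agent.exe 0x0001
2020-01-01T11:20:00 admin_tool.exe edr_sensor.exe 0x0001
2020-01-01T11:40:00 admin_tool.exe vm_tools.exe 0x0001
"""

def parse_events(text):
    events = []
    for line in text.splitlines():
        ts, source, target, mask = line.split()
        events.append((datetime.fromisoformat(ts), source.lower(), target.lower(), int(mask, 16)))
    return sorted(events)  # chronological order

def find_kill_bursts(events, threshold=3, window=timedelta(seconds=10)):
    """Return {source: [targets]} for sources hitting >= threshold distinct watchlist targets in window."""
    recent = defaultdict(deque)  # source -> (time, target) pairs still inside the window
    alerts = {}
    for ts, source, target, mask in events:
        if target not in WATCHLIST or not mask & PROCESS_TERMINATE:
            continue  # ignore non-security targets and accesses that cannot terminate
        q = recent[source]
        q.append((ts, target))
        while ts - q[0][0] > window:
            q.popleft()  # drop events that fell out of the sliding window
        distinct = {t for _, t in q}
        if len(distinct) >= threshold:
            alerts.setdefault(source, set()).update(distinct)
    return {src: sorted(targets) for src, targets in alerts.items()}

if __name__ == "__main__":
    for source, targets in find_kill_bursts(parse_events(SAMPLE_EVENTS)).items():
        print(f"ALERT {source} requested terminate access to: {', '.join(targets)}")
```

Counting distinct targets inside a sliding window keeps a service that restarts one agent repeatedly, or an administrator stopping tools over an hour, from raising the alert.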

Credential theft

Cybereason researchers believe the Phoenix keylogger is particularly popular because it is easy to use. It was also observed that it is used with different configurations in different attacks, depending on the attacker's target.

In most cases, the goal was to steal information, send it to the attackers and disappear from the system.

“Our guess is that Phoenix is used more for simple theft of information than as a tool designed for long-term monitoring,” said one researcher.

"As this is a completely new malware in progress, there may be a change that will turn it into a more powerful surveillance tool in the future."

“As for the clientele, it seems that most buyers are interested in acquiring sensitive data that could later be sold in underground markets, mainly those related to credentials,” the researcher added.

The Phoenix keylogger can steal and send data to hackers in a matter of seconds. This is why it is not used as a long-term monitoring tool. It gets the information it wants right away.

Cybereason researchers believe the creator of the Phoenix keylogger is also the creator of Alpha Keylogger, another piece of malware that stopped being released a few months before Phoenix was released. The researchers link the two keyloggers because of their shared code and the similar way in which they were presented in advertisements on hacking forums.

Absent Mia