Virtual Keyboards are no longer safe

To fight with keyboard loggers (the spyware programs which record your key strokes) some banks started using Virtual keyboards. When using virtual keyboards, you will not enter your password using your keyboard. Instead, you will use your mouse to enter the password by clicking on the alphabets and numbers that appear as images on the screen. It seemed to have worked so far. But not any more.

As per a news item, virtual keyboards are no longer safe, and trojan horse programs have been spreading that can log partial images of the virtual keyboards along with keystrokes without notice of users, enables to break the code. Unfortunately, only 6 of 30 anti-virus programs could detect the trojan horse program.

A Spanish security company, Hispasec Systems, has revealed details of "Trojan horse" programs that can capture video imagery of an unsuspecting person's computer use. If the user enters a PIN on a bank's virtual keypad, the dastardly program is a witness.

Gartner Inc. security analyst Avivah Litan said screen-capture programs that attacked virtual keypads emerged as early as 2003, when banks in Brazil fell prey. She said the technique has remained relatively rare because the programs consume a lot of bandwidth and storage, and there have tended to be a lot of easier targets.

But that may be changing. Quintero said Wednesday that a newly detected Trojan combines keystroke-logging and video-capture functions — and instead of recording the entire screen, the program just grabs images of the immediate area near where the user clicks the mouse. The spy receives a smaller file, making the attack easier to pull off.

Comments

Popular posts from this blog

USCIS Selects Final H1B Petitions by Random Selection - Almost a 50% chance for each Application

H1B 2008:USCIS released Preliminary Numbers

H1B 2009: Will '2007 H1B Rush' repeat in 2008?