Jump to content

A day late, a dollar short, but progress (perhaps?)


Recommended Posts

Kaspersky Lab - Analyst's Diary

Today Nikolay Patrushev, head of the (Russian) Federal Security Services, announced the results of the measures taken to combat cyber crime in 2007.

Among other information, it was announced that it had been established who was the author of the notorious Pinch Trojan - two Russian virus writers called Ermishkin and Farkhutdinov. The investigation will soon be completed and taken to court.

It's well known that Pinch is one of the most popular Trojan programs with Russian malicious users. The Trojan makes it possible to steal email, icq and other account data, including to network services and application. The authors of this program, also known as Damrai and Scratch, used Pinch to build a criminal industry.

Anyone who wants can order a customized version of the Trojan, and also get 'technical support' from the authors of the program. Russian hacker forums were flooded with advertisements for this 'service'.

A mass of scri_pt-kiddies clearly found the idea attractive - get a functional spy program for a mere few dollars. As a result, the Internet became flooded with Pinch modifications. Our antivirus databases currently contain more than four thousand variants.

Russians Close to Prosecuting 'Pinch' Trojan Authors

Pinch has a highly-developed user interface that can be used for sorting information it steals off other computers, according to F-Secure.

It can steal e-mail account passwords, pilfer other password information stored in the Internet Explorer, Firefox and Opera browsers, and snap screenshots.

That stolen information can also be encrypted before it is sent back to the hacker, according to Panda Security, another security vendor.

Pinch could also be customized to have the victimized computer join a botnet, or a network of computers set up to hide other malicious activity by the hacker. Botnets are often used to send spam or mount other hacking attacks.

As stated, the problem won't be cured even if these two are prosecuted, but ... good news overall ...

Link to comment
Share on other sites

  • 2 weeks later...

Yea, now if we can only get the Russian domain registrars to act on the fraudulent WHOIS data and spamvertized domains they register. I'm tired of receiving replies "we cannot remove a domain without a court order"... it's either BS or the laws in Russia are that f**ked.

Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Create New...