Keylogger iSpy was updated on 3.x and of course security companies have begun to alert cyber.
ISpy is being advertised in an underground hacking forum where its developer has malware with monthly subscriptions.
Currently the iSpy home page is down, but sales must have already begun, as security researchers from Zscaler infections have been reported with the most recent version.
Let's say the malware developer called CorelMASTERX could very easily turn it into a fully functional RAT.
Currently, based on the analysis by Zscaler, the trojan includes some of the key features that you will find in most malware that are sold online.
So the new iSpy in addition to the obvious keylogging functionality brings new features such as the ability to intercept data from the clipboard, and passwords from various applications such as:
Firefox, Chrome, IE, Safari, Opera, Outlook, Thunderbird, Windows Live Mail, FileZilla, CoreFTP, Pidgin, and PalTalk.
Υπάρχει και μια λειτουργία ανάκτησης αδειών χρήσης λογισμικού για εφαρμογές και λειτουργικά συστήματα όπως το Windows, Microsoft Office, SQL Server, Microsoft Visual Studio, Minecraft, and more.
In addition, there are features that allow you to pinch PINs from RuneEscape stores, and Skype conversations.
Other features of iSpy allow users to block access to specific websites, χρησιμοποιώντας το τοπικό αρχείο hosts, να απενεργοποιούν την πρόσβαση σε λειτουργίες των Windows (cmd.exe, Διαχείριση Εργασιών, Regedit, κλπ), και να παίρνουν screenshots of the user's screen or through the camera.
To avoid detection by antivirus software, the keylogger, in addition to having its own registry key, adds another registry key to avoid antivirus software at the start.
Like most malware, the iSpy source code is protected using various custom packers, and its payload is signed by a digital certificate, probably forged or stolen.
More features