The iSpy keylogger has been updated to version 3.x, and security companies have begun issuing alerts.
iSpy is advertised on an underground hacking forum, where its developer offers the malware on monthly subscriptions.
The iSpy home page is currently down, but sales must have already begun, as security researchers from Zscaler have reported infections with the most recent version.
The malware's developer, who goes by the name CorelMASTERX, could very easily turn it into a fully functional RAT.
Currently, based on the analysis by Zscaler, the trojan includes some of the key features found in most malware that is sold online.
In addition to the obvious keylogging functionality, the new iSpy brings features such as the ability to intercept data from the clipboard and to steal passwords from various applications, such as:
Firefox, Chrome, IE, Safari, Opera, Outlook, Thunderbird, Windows Live Mail, FileZilla, CoreFTP, Pidgin, and PalTalk.
There is also a software license recovery mode for applications and operating systems such as Windows, Microsoft Office, SQL Server, Microsoft Visual Studio, Minecraft, and more.
Additionally, there are features that allow the theft of PINs from RuneScape stores, and of Skype chats.
Other iSpy features allow its users to block access to specific websites using the local hosts file, disable access to Windows functions (cmd.exe, Task Manager, Regedit, etc.), and take screenshots of the victim's screen or capture images through the camera.
To avoid detection by antivirus software, the keylogger, in addition to having its own registry key, adds another registry key to avoid antivirus software at startup.
Like most malware, the iSpy source code is protected using various custom packers, and its payload is signed with a digital certificate, probably forged or stolen.