Keylogger iSpy was updated on 3.x and of course security companies have begun to alert cyber.
iSpy is advertised on an underground hacking forum, where its developer features the malware software with monthly subscriptions.
Currently the iSpy home page is down, but sales must have already begun, as security researchers from Zscaler infections have been reported with the most recent version.
Let's say the malware developer called CorelMASTERX could very easily turn it into a fully functional RAT.
Currently, based on the analysis by Zscaler, the trojan includes some of the key features that you will find in most malware that are sold online.
So the new iSpy in addition to the obvious keylogging functionality brings new features such as the ability to intercept data from the clipboard, and passwords from various applications such as:
Firefox, Chrome, IE, Safari, Opera, το Outlook, το Thunderbird, το Windows Live Mail, το FileZilla, CoreFTP, Pidgin, and PalTalk.
There is also a software license recovery feature for applications and operating systems such as Windows, Microsoft Office, SQL Server, Microsoft Visual Studio, Minecraft, and more.
In addition, there are features that allow you to pinch PINs from RuneEscape stores, and Skype conversations.
Άλλα χαρακτηριστικά του iSpy επιτρέπουν στους users να μπλοκάρουν την πρόσβαση σε συγκεκριμένες ιστοσελίδες, χρησιμοποιώντας το τοπικό αρχείο hosts, να απενεργοποιούν την πρόσβαση σε λειτουργίες των Windows (cmd.exe, Διαχείριση Εργασιών, Regedit, κλπ), και να παίρνουν screenshots της οθόνης του χρήστη ή μέσω της κάμερας.
To avoid detection by antivirus software, the keylogger, in addition to having its own registry key, adds another registry key to avoid antivirus software at the start.
Like most malware, the iSpy source code is protected using various custom packers, and its payload is signed by a digital certificate, probably forged or stolen.
More features