Security news
Security news22 November 2006
Over half of Chinese malware aims to steal passwords, reports Sophos
Chinese malware steals passwords.
Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have revealed that over half of all malware originating in China in October was designed to steal usernames and passwords. This malicious code is designed to give cybercriminals easy access to personal and sensitive data for financial gain and identity theft.
By analysing the malware, Sophos has identified that 45.2% aimed to steal online game login information, with a further 7.5% designed to provide the hackers with username and password details for the popular Chinese QQ instant messaging client.
"Given the ever growing popularity of online gaming in China, this is a worrying trend - once hackers have stolen login details, they can effectively impersonate the victim in the online world," explained Carole Theriault, senior security consultant for Sophos. "Millions of people play these games every day, but once inside the game, it's difficult to check their identity and these cybercriminals can wreak havoc, for example buying and selling items in online stores and running up huge debts without the victim even realising."
Furthermore, with a significant proportion of the remaining malware designed to give hackers access to instant messaging clients, Sophos is warning computer users of the risks of using the same password across multiple sites and of the importance of using secure passwords.
"While hacking into an instant messaging client may not seem like the end of the world, the danger is that the cyber criminals will have inadvertently gained access to bank accounts, or cracked the passwords to secure password protected information, from which they can steal confidential and financial information," concluded Theriault.
Sophos recommends that businesses secure their PCs with a consolidated solution to defend against spyware, viruses and spam, as well as ensuring that their software offers automatically updated protection. Computer users should also be wary of unsolicited emails, and display caution when clicking on or opening unknown links or attachments.
Download now
- SQL injection attacks are the biggest threat
- 90% of malware on legitimate sites
- Hackers exploit Web 2.0
About Sophos
Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com
