
CD-Rom Spyware, delivered to your door in less than 60 minutes!

by Chris Boyd, Wayne Porter

Imagine this scenario: Big Jim the Mailman comes knocking at your door, and pushes a bunch of letters through your mailbox. Nothing unusual there - let's see....bill, bill, final demand, application letter, more final demands, charity collection leaflet, a picture of what's going to happen to you if you don't pay your final demand...

..but wait! What's this...a whole bunch of CD Roms. Well, nothing unusual there, either. You're feeling a bit sick and tired of your ISP, so you decide to give Mega Fun Internets Corp a try. Nothing to lose, right? You insert the CD, boot that thing up and.....nothing. A few more attempts, and you hurl the CD into the trashcan. At this point, you remember your credit card bill is overdue - as you log on, you fail to notice the keylogger that's been silently installed by the CD...

Far-fetched? No, it's already happening. There has already been a large fallout from "trusted" CDs infected with rootkit technology - we only need to cast an eye over the multitude of Sony Rootkit stories. However, a story has emerged from Japan that should be enough to make anyone think twice about inserting a supposedly "trustworthy" disk:

31-year-old Atsushi Takewaka is suspected of accessing victims' computers to steal internet banking passwords, which he used to illegally withdraw money from online accounts. According to police, Takekawa is alleged to have told them, "I created the spyware in about three months using a range of software. I wanted money to live on." Hirayama is said by police to have also admitted attempting to steal money out of bank accounts by sending CD ROMs to firms that, when run on a PC, would install the spyware.


Now the CD Rom aspect of the story is barely given a mention, but let's zoom in on that for a second. How many disks do you think come through your mailbox each week? How many does the average end-user insert into their computer? We imagine it's a fair percentage. How easy would it be for someone to create a similarly malicious CD, and distribute it via door drops, adverts in papers under the guise of accounting software/games/self-help programs, sweepstake "winners" or even a bogus music CD? The number of ways people could game the system using an infected CD is pretty frightening, especially as the first stage of the attack would rely on old-school advertising tricks based in the real world. Tactics along the lines of those employed by Internet Registrar companies, who send letters warning that your domain is about to expire, only for the hapless victim to pay up and then realise the letter sender was not their registrar, could work very well in this respect. Combine a few adware fanatics with a few experienced door-drop conmen and you have a recipe for disaster.

There have already been warning shots fired for this kind of attack - notably here, and here. Interestingly enough, these were also in Japan. Looking back, it's highly likely that those attacks were engineered in the same manner as this more recent effort. The potential for damage using this method of install could be extremely severe. The above theoretical examples are bad enough, but what if someone simply took a pile of legit Net Connection CDs from any standard ISP, swapped the real disk for a phoney one, then started posting them from door to door? Stranger things can (and will) happen in the field of spyware. And, as we can see in a recent interview with the BBC, FaceTime Security Research Manager Chris Boyd details his thoughts on where the spyware "arms race" will lead next. Those thoughts point to one thing - the people behind these kinds of attacks will use any and all means necessary to achieve their goal.

Automatically installed rootkits and keyloggers, from a previously unthought-of object you see enter and exit your house on a daily basis?

That's something we would rather wasn't delivered in 60 minutes or less. And they can keep the late delivery fee, too.

Unless otherwise noted this article is Copyright © 2021 by FaceTime Communications, Inc. This article may not be resold, reprinted, or redistributed for compensation of any kind without prior written permission from FaceTime Communications, Inc. For reprint or media inquiries please contact us with the phrase "Spyware Guide Articles" in the subject line and we will be happy to assist you. Links to this article from other websites are appreciated and encouraged. Users are also encouraged to utilize our RSS system to provide unique content and extracts for their site.


    © Copyright 2007, FaceTime Communications, Inc. All rights reserved.