Chinese malware steals passwords.
Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have revealed that over half of all malware originating in China in October was designed to steal usernames and passwords. This malicious code is designed to give cybercriminals easy access to personal and sensitive data for financial gain and identity theft.
By analysing the malware, Sophos has identified that 45.2% aimed to steal online game login information, with a further 7.5% designed to provide the hackers with username and password details for the popular Chinese QQ instant messaging client.
"Given the ever growing popularity of online gaming in China, this is a worrying trend - once hackers have stolen login details, they can effectively impersonate the victim in the online world," explained Carole Theriault, senior security consultant for Sophos. "Millions of people play these games every day, but once inside the game, it's difficult to check their identity and these cybercriminals can wreak havoc, for example buying and selling items in online stores and running up huge debts without the victim even realising."
Furthermore, with a significant proportion of the remaining malware designed to give hackers access to instant messaging clients, Sophos is warning computer users of the risks of using the same password across multiple sites and of the importance of using secure passwords.
"While hacking into an instant messaging client may not seem like the end of the world, the danger is that the cyber criminals will have inadvertently gained access to bank accounts, or cracked the passwords to secure password protected information, from which they can steal confidential and financial information," concluded Theriault.
Sophos recommends that businesses secure their PCs with a consolidated solution to defend against spyware, viruses and spam, as well as ensuring that their software offers automatically updated protection. Computer users should also be wary of unsolicited emails, and display caution when clicking on or opening unknown links or attachments.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.