Anti-spyware researchers have uncovered a massive identity theft ring linked to keylogging software. The malware was discovered by Patrick Jordan of Sunbelt Software while doing research on the infamous CoolWebSearch application but the key logger itself is not CWS. It's far nastier.

During the course of infecting a machine, Jordan discovered that the machine became a spam zombie that was also sending data back to a remote server. He found that thousands of infected machines are contacting a US-based server daily and a portion of these are writing to a keylogger file, which is periodically harvested by cybercriminals. "The types of data in this file are pretty sickening to watch. You have search terms, social security numbers, credit cards, logins and passwords, etc," Sunbelt president Alex Eckelberry writes.

The use of key logging software on an industrial scale is rare but not unprecedented. Malware can be programmed to send back sensitive information to designated servers, in some cases logging into the servers using passwords written into viral code. Security researchers able to reverse engineer items of malware can extract this password and location information and use it to monitor hacker activity. ®

Related stories

Spyware 'calling home' volumes soar
CoolWebSearch is winning Trojan war
Malware maelstrom menaces UK
Cyber cops foil £220m Sumitomo bank raid
Watch out! Incoming mass hack attack