Oh hi there. Apologies for the Whoopee movie reference, but it's hard to come up with something catchy. This latest threat coming through the Facetime Security Labs steals passwords related to Chinese sites. This is not really a threat to most businesses in the US, but judging from the malware trend coming from China and spreading to the rest of the world, I'd say it's only a matter of time before we start seeing the same method of theft. This new threat has been named Sysda. Sysda lies dormant until a certain site is navigated to. Generally this is the page where a user attempts to change their password for the site. After that it simply posts the information back to the attacker. Users should be on the lookout for a file called "sysdajchv.dll". All it really needs is to hook into iexplore.exe to steal your user credentials.

The above illustrates that Sysda is attempting to steal login credentials to Sohu.com. Whether this is simply a new way to phish for information, or something more sinister along the lines of fraud, is still unclear at this point. I'll let you know what I find out.

