Phish: June 2008 Archives

Sysda Act

| | Comments (0)
Oh hi there.  Apologies for the Whoopee movie reference, but its hard to come up with something catchy.  This latest threat coming through the Facetime Security Labs steals passwords related to chinese sites.  This is not really a threat to most businesses in the US, but judging from the malware trend coming from China and spreading to the rest of the world I'd say its only a matter of time before we start seeing the same method of theft.  The name of this new threat has been named SysdaSysda lies dormant until a certain site is navigated to.  This site is generally related to when a user attempts to change their password for the site.  After that it simply posts the information back to the attacker.  Users should be on the look out for a file called "sysdajchv.dll".  All it really needs is to hook into iexplore.exe to steal your user credentials. 

crack.PNG
The above illustrates that Sysda is attempting to steal login credentials to Sohu.com.  Whether this is simply a new way to phish for information, or something more sinister along the lines of fraud are still unclear at this point.  I'll let you know what I found out.

Pages

About this Archive

This page is a archive of entries in the Phish category from June 2008.

Phish: April 2008 is the previous archive.

Phish: August 2008 is the next archive.

Find recent content on the main index or look in the archives to find all content.