Criminals Loved Password Stealers In 2006

A lot of the spam that crawled into inboxes all over the world arrived with one mission - trick the person into dropping a password stealing program onto the system.

Criminals Loved Password Stealers In 2006

Once in place, the majority of those password stealers looked for a specific category of logins. Bank and financial institution passwords offered the criminal spammers the greatest potential for a payoff, so the programs they created looked for those.

Password stealers became much more numerous in 2006. Researcher Francois Paget at McAfee blogged how such programs increased by 240 percent for 2006.

The majority of those password stealers, about 62 percent of the group, sought out financial information. Gamers should be wary of them as well, as Paget noted 18 percent of these programs targeted logins for MMORPGs like World of Warcraft.

A smaller number, 10 percent, sought out social networking and instant messaging login information. That could indicate a belief that many people tend to use the same login information to access other, more lucrative sites, making a theft of such details key to accessing other websites.

Spam has been the vector for criminal activities like these, but as new technologies gain mainstream usage, the attacks shift as well. One password stealer dubbed PWS-JO was discovered recently traveling across Skype's VoIP network.

That password stealer also had the capability to connect to a remote site and bring in additional components. However, McAfee said in its description of the program that the particular site no longer appears to be accessible.

During 2006, McAfee observed the number of password stealers jump from 5,000 to 12,000. That can only increase over time.