As I wrote in these articles, there has been a steep rise in the malware infection rates in some European countries that typically have some of the lowest malware infection rates in the world: Austria, Germany, Italy, and the Netherlands.  Four specific families of threats contributed to the steep rise in the malware infection rates in these locations: Win32/EyeStye, Win32/Zbot (also known as Zeus), Win32/Keygen, and Blacole.

Yesterday I published an article with more details on Blacole called “The Rise of the “Blackhole” Exploit Kit: The Importance of Keeping All Software Up To Date.” Today, the Microsoft Malware Protection Center (MMPC) published a new threat report that provides deep technical analysis on the threat most responsible for driving the trend we are seeing in the EU: Win32/EyeStye (a.k.a. SpyEye).

Win32/EyeStye is a family of Trojans that attempt to steal sensitive data, such as logon credentials, from banking websites and other online properties. It then sends this data to a remote attacker. EyeStye is distributed commercially in the form of a builder kit. Modules or plug-ins are also available.

This paper is recommended reading for security professionals on the front lines of trying to defend their organizations and people from threats like EyeStye.

Comments (0)