Ramnit Malware Now Targeting Steam Users

Status
Not open for further replies.
"Even more, don't store credit card information on Steam: simply enter the number each time you make a purchase." Unless you're using a virtual keyboard, this is actually less secure since the exploit they're talking about is also a keylogger.
 
@arami: depends, a keylogger will also have extra junk keystrokes, plus the expiry date and other info isn't entered via the keyboard.

local virtual keyboards might be vulnerable to screen-shot based attacks, or even key loggers if they're using STDIN as well.
 
The guys at Steam could write some code identifying when the user's browser is attempting to pass the pwd2 form field (or any other unexpected form field/value pairs) when logging into Steam. This would help the users identify whether or not they have this malware running on their machine.
 
@ubercake

"But Maor reports that Ramnit avoids server-side detection by removing the injected element before the form is sent back to the website."

from the article.
 

Ah. Missed that. Hopefully we'll see some updates to detect this on the client side.
 
Status
Not open for further replies.