Ramnit Malware Now Targeting Steam Users

Status
Not open for further replies.

aramisathei

Honorable
Aug 25, 2012
8
0
10,510
0
"Even more, don't store credit card information on Steam: simply enter the number each time you make a purchase." Unless you're using a virtual keyboard, this is actually less secure since the exploit they're talking about is also a keylogger.
 

ojas

Distinguished
Feb 25, 2011
370
0
18,940
2
@arami: depends, a keylogger will also have extra junk keystrokes, plus the expiry date and other info isn't entered via the keyboard.

local virtual keyboards might be vulnerable to screen-shot based attacks, or even key loggers if they're using STDIN as well.
 

ubercake

Distinguished
Moderator
Oct 28, 2009
308
0
18,960
21
The guys at Steam could write some code identifying when the user's browser is attempting to pass the pwd2 form field (or any other unexpected form field/value pairs) when logging into Steam. This would help the users identify whether or not they have this malware running on their machine.
 

rylt

Honorable
Aug 14, 2013
1
0
10,510
0
@ubercake

"But Maor reports that Ramnit avoids server-side detection by removing the injected element before the form is sent back to the website."

from the article.
 

ubercake

Distinguished
Moderator
Oct 28, 2009
308
0
18,960
21

Ah. Missed that. Hopefully we'll see some updates to detect this on the client side.
 
Status
Not open for further replies.
Thread starter Similar threads Forum Replies Date
SyncroScales Streaming Video & TVs 1
Paul Wagenseil Streaming Video & TVs 1
E Streaming Video & TVs 1
Marshall Honorof Streaming Video & TVs 14
Paul Wagenseil Streaming Video & TVs 3
Jill Scharr Streaming Video & TVs 1
Marshall Honorof Streaming Video & TVs 15
G Streaming Video & TVs 6
G Streaming Video & TVs 1
G Streaming Video & TVs 2
Marshall Honorof Streaming Video & TVs 2
G Streaming Video & TVs 2
G Streaming Video & TVs 5
G Streaming Video & TVs 7
G Streaming Video & TVs 1
G Streaming Video & TVs 7
G Streaming Video & TVs 5
G Streaming Video & TVs 0
G Streaming Video & TVs 2
G Streaming Video & TVs 3

ASK THE COMMUNITY