Ramnit Malware Now Targeting Steam Users

Status
Not open for further replies.

aramisathei

Honorable
Aug 25, 2012
8
0
10,510
"Even more, don't store credit card information on Steam: simply enter the number each time you make a purchase." Unless you're using a virtual keyboard, this is actually less secure since the exploit they're talking about is also a keylogger.
 

ojas

Distinguished
Feb 25, 2011
370
0
18,940
@arami: depends, a keylogger will also have extra junk keystrokes, plus the expiry date and other info isn't entered via the keyboard.

local virtual keyboards might be vulnerable to screen-shot based attacks, or even key loggers if they're using STDIN as well.
 

ubercake

Distinguished
Oct 28, 2009
308
0
18,960
The guys at Steam could write some code identifying when the user's browser is attempting to pass the pwd2 form field (or any other unexpected form field/value pairs) when logging into Steam. This would help the users identify whether or not they have this malware running on their machine.
 

rylt

Honorable
Aug 14, 2013
1
0
10,510
@ubercake

"But Maor reports that Ramnit avoids server-side detection by removing the injected element before the form is sent back to the website."

from the article.
 

ubercake

Distinguished
Oct 28, 2009
308
0
18,960

Ah. Missed that. Hopefully we'll see some updates to detect this on the client side.
 
Status
Not open for further replies.