In Network World‘s Security Strategies Alert newsletter, Mohamed Hassan details his discovery of StarLogger keyloggers on several different Samsung laptops.
Keyloggers record every keystroke on a computer’s keyboard and email them to a recipient. This keylogger was hidden and pre-loaded on the computers he tested, making it a significant step beyond the “Sony BMG rootkit fiasco” from 2005. There, keyloggers were loaded onto users’ computers from music CDs with the ostensible goal of limiting illegal music use.
Sponsor
The Sony keylogger incident was taken to court and the company forced to pay out $575 million to users who had experienced security issues after trying to remove the program.
After using a commercial security program, Hassan found the keylogger in the c:\windows\SL directory of his laptop.
Hassan decribes how the Starlogger program works:
“This key logger is completely undetectable and starts up whenever your computer starts up. See everything being typed: emails, messages, documents, web pages, usernames, passwords, and more. StarLogger can email its results at specified intervals to any email address undetected so you don’t even have to be at the computer.”
The newsletter’s editor Mich Kabay says they contacted three PR reps at Samsung but, after a week of waiting, have yet to receive a response. Will this trigger a class-action lawsuit, as he thinks? I wouldn’t bet against it.
0 Responses
Stay in touch with the conversation, subscribe to the RSS feed for comments on this post.