SpyEye_trojan
SpyEye
Malware program
SpyEye is a malware program that attacks users running Google Chrome, Safari, Opera, Firefox and Internet Explorer on Microsoft Windows operating systems.[1] This malware uses keystroke logging and form grabbing to steal user credentials for malicious use.[1][2] SpyEye allows hackers to steal money from online bank accounts and initiate transactions even while valid users are logged into their bank account[3]
SpyEye has the ability to insert new fields and alter existing fields when a compromised user's browser displays a web page, allowing it to prompt for user names, passwords, or card numbers, thereby giving hackers information that allows them to steal money without account holders ever noticing. It can save the user's false balance (with fraudulent transactions hidden) so that the next time the user logs in, the fraudulent transactions and real balance are not displayed in the user's browser (though the bank still sees the fraudulent transactions.)[4]
SpyEye emanated from Russia in 2009 and was sold in underground forums for $500+ in which SpyEye advertised features such as keyloggers, auto-fill credit card modules, email backups, config files (encrypted), Zeus killer, HTTP access, POP3 grabbers and FTP grabbers.[5]
Target users and institutions in the United States, United Kingdom, Mexico, Canada and India were the largest victims of SpyEye; the United States made up 97% of the institutions that fell victim of this malware.[6]