Inside the Trojan family, password stealers (abbreviation : PWS) are dedicated to monitoring some of your keystrokes. They collect confidential information like Internet logins. Depending on the data collected, an attacker is then able to access your bank, e-commerce, game or social networking website account for the purpose of fraud or other criminal activities.

McAfee Avert Labs recently added detection for a newcomer distributed over the Skype VoIP network. Named PWS-JO, it captures all keystrokes, saves them to a local file and contacts a remote website - hopefully no longer accessible - to send them to. This new example illustrates a new variety of attack vector (in this case a VoIP client), no longer limited to viruses, spammed email or malicious webpages for distribution.

This new alert must also remind us that password stealers are more and more numerous and not limited to immediate financial offenses. Although 62% of them target financial institutions, it is important to note that Massive Multi-Player Online Role Playing Games (MMORPG) are the second predominantly targeted vector (approx 18%).

At McAfee the main PWS families are the following:

In one year the PWS family number grew by 240% (from 5000 to 12000). Users must stay vigilant to not lose their “cyber-money” as well as their uber dragon sabre!!!