August 6, 2005

Identity Theft -- CoolWebSearch is bad

A possible big ID Theft operation seems to be ignored by the FBI Ars Technica has the news:
Massive spyware-based identity theft ring uncovered
Researchers from a little-known security software company named Sunbelt Software have seemingly uncovered a criminal identity theft ring of massive proportions. According to one of their employees, Alex Eckelberry, during the course of one of their recent investigations into a particular Spyware application—rumored to be called CoolWebSearch—they've discovered that the personal information of those "infected" was being captured and uploaded to a server.

One can only speculate about why someone would do such a thing; the amount of data that could be gathered would almost certainly be daunting for even a few people to sift through and exploit. On the other hand, the researchers at Sunbelt have personally uncovered the personal information of two individuals who, combined, could be taken for well over US$350,000.

The list of stolen information includes not only bank accounts but website passwords, eBay accounts, what sort of adult images you fancy, and, supposedly, even more. The researchers initially had tried in vain to get a hold of someone who could take action on this issue but didn't get a response right away:
We have notified the FBI, but of course no response (too busy doing other more important things). We have notified a few of the parties involved...If anyone has any other ideas, send 'em to us. Right now, we're sitting upon literally thousands of pages of stolen identities that are being used right now.
Good news came today, though, that the FBI had responded and are currently working the case. We've emailed Alex and tried to see if we could get any more details about the whole thing out of him, but at the time of publication, we had not received a response. Hopefully the people who've perpetrated this massive-scale theft of personal data can be quickly caught and brought to justice due to the quick actions of Alex Eckelberry and the researcher who discovered the crime, Patrick Jordan.
The news article has a few updates that expand on the scope of this scam and cover a little bit of how it was discovered. I will say it again: If someone is offering a cool new piece of software for free, they are getting their money from a different revenue stream. Sometimes it is legit -- Adobe Acrobat, Apple iTunes and QuickTime Sometimes it is Malware like CoolWebSearch. Posted by DaveH at August 6, 2005 10:32 PM
Comments
Post a comment









Remember personal info?