Are Keyloggers Watching You?
According to a letter sent to clerks of district and bankruptcy courts, the United States Computer Emergency Readiness Team (US-CERT), a part of Homeland Security, has notified the Administrative Office of the United States Courts (AOUSC) that a number of user accounts which access PACER and/or CM/ECF systems are infected with keystroke logging programs, also called keyloggers.
Keyloggers are a form of computer software designed to infiltrate or damage a computer system without the owner's knowledge. The software is installed when a user opens an infected e-mail file or through exploitation of a security vulnerability on a system. Keyloggers are usually configured to capture account names and passwords and pass the captured information to a drop-site owned by a hacker. Keyloggers are usually after financial account access.
The AOUSC has notified the affected users of the detected infection on their machines and of the fact that their PACER and/or CM/ECF names and passwords (and quite likely their banking and client communications accounts) have been compromised. Even if you have not received such a notification, it is prudent for all computer users to check every computer that is used to access accounts of any kind, run an anti-spyware or anti-viral program, and follow the advice it provides. To combat the return of a keylogger, the computers that you use should be running up-to-date detection programs, and their operating systems should be kept at the latest version released by the operating system vendor.
Once a computer is infected with malicious software (malware), the only sure method of removing it is to back up all data and reinstall the operating system and all programs. Once a keylogger has been removed, users must change the PACER and CM/ECF filer passwords, along with all other passwords in use for financial account access, etc.
Changing passwords before removing the keylogger or without installing anti-viral and anti-spyware software will not solve the problem. The court’s PACER and CM/ECF systems are NOT compromised and keylogging has not infected any judiciary servers or client machines.